CyberSecurityBoard
Sponsor Register Login

Critical Flaw in Salesforce AgentForce Extension Exposes Data to Attackers

A critical security vulnerability has been discovered in the Salesforce AgentForce browser extension, which is widely used by customer service teams to enhance productivity. This flaw could allow attackers to access sensitive customer data and internal communications, posing significant risks to organizations relying on Salesforce for their CRM needs. The vulnerability stems from improper handling of permissions and data access controls within the extension, enabling malicious actors to exploit these weaknesses remotely. Salesforce has been alerted and is working on a patch to address the issue promptly. Users of the AgentForce extension are advised to monitor updates closely and implement recommended security measures to mitigate potential exploitation. This incident highlights the ongoing challenges in securing third-party extensions integrated with major platforms and underscores the importance of rigorous security assessments and timely patching to protect enterprise data.

This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 25 Sep 2025 16:05:03 +0000


Cyber News related to Critical Flaw in Salesforce AgentForce Extension Exposes Data to Attackers

Salesforce deepens AI ties with OpenAI, Anthropic to power AgentForce platform in 2025 - Salesforce has announced a strategic expansion of its AI partnerships with leading firms OpenAI and Anthropic to enhance its AgentForce platform, set to launch in 2025. This collaboration aims to integrate advanced AI capabilities into Salesforce's ...
1 month ago Reuters.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com
Critical Flaw in Salesforce AgentForce Extension Exposes Data to Attackers - A critical security vulnerability has been discovered in the Salesforce AgentForce browser extension, which is widely used by customer service teams to enhance productivity. This flaw could allow attackers to access sensitive customer data and ...
2 months ago Infosecurity-magazine.com
Salesforce Lays-Off 700 Staff - American CRM giant Salesforce is reportedly reducing its workforce again, on top of a sizeable reduction back in 2023. The Wall Street Journal reported that Salesforce is laying off 700 workers, or 1 percent of its workforce, in the latest round of ...
1 year ago Silicon.co.uk
Inside the strategy of Salesforce's new Chief Trust Officer - In this Help Net Security interview, Arkin discusses a collaborative approach to building trust among customers, employees, and stakeholders, focusing on transparency, shared responsibility, and empowering others to integrate trusted and responsible ...
1 year ago Helpnetsecurity.com
ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH - A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. These breaches have ...
3 months ago Bleepingcomputer.com Hunters Scattered Spider
Salesforce Attacks: Latest Threats and Security Measures - Salesforce, a leading customer relationship management platform, has increasingly become a target for cyber attackers. This article delves into the latest Salesforce attacks, highlighting the methods threat actors use to exploit vulnerabilities and ...
2 months ago Cybersecuritynews.com CVE-2023-34362 CVE-2023-34363 UNC2452
Salesforce Releases Forensic Investigation Guide - Salesforce has published a comprehensive Forensic Investigation Guide aimed at helping organizations effectively investigate security incidents within their Salesforce environments. This guide provides detailed methodologies, best practices, and ...
2 months ago Cybersecuritynews.com
Allianz Life confirms data breach impacts majority of 1.4 million customers - ShinyHunters is a group of threat actors who are linked to multiple high-profile data breaches and attacks, including those against PowerSchool and the SnowFlake attacks, which ...
4 months ago Bleepingcomputer.com Hunters
CVE-2025-64322 - Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.2.0. ...
3 weeks ago
CVE-2025-64321 - Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.2.0. ...
3 weeks ago
CVE-2025-64320 - Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0. ...
3 weeks ago
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks - In a significant cybersecurity incident, the hacking group ShinyHunters has claimed responsibility for stealing 1.5 billion Salesforce records through breaches involving the company Drift. This massive data breach highlights the increasing risks ...
2 months ago Bleepingcomputer.com ShinyHunters
Critical Apache Log4j2 flaw still threatens global finance - Critical Apache Log4j2 flaw still threatens global finance. CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise ...
1 year ago Securityaffairs.com CVE-2022-38028 CVE-2023-49103 CVE-2023-20198 CVE-2023-40044 APT28 Rocke
Critical unauthenticated RCE flaw in OpenSSH server - MUST READ. Critical unauthenticated remote code execution flaw in OpenSSH server. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities ...
1 year ago Securityaffairs.com CVE-2024-29849 CVE-2023-49103 CVE-2023-20198 CVE-2023-38831 Rocke
Scattered Lapsus Hunters Returns With Salesforce Leak Site - The Lapsus$ hacking group, known for its high-profile cyberattacks, has resurfaced with a new leak site targeting Salesforce, a major cloud software company. This resurgence follows a period of inactivity and signals a renewed threat to enterprise ...
1 month ago Darkreading.com Lapsus$
FBI Warns of Threat Actors Targeting Salesforce Customers - The FBI has issued a warning about threat actors targeting Salesforce customers through sophisticated cyberattacks. These threat actors exploit vulnerabilities and use social engineering tactics to gain unauthorized access to Salesforce environments, ...
2 months ago Darkreading.com
Juniper Networks fixed a critical authentication bypass flaw in some of its routers - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 ...
1 year ago Securityaffairs.com CVE-2024-0769 CVE-2022-38028 CVE-2024-0204 CVE-2023-49103 CVE-2023-38831 CVE-2023-40044 APT28 Rocke
The Biggest Tech Talent Gap Can Be Found in the SAP Ecosystem - They're not just looking for people who can write code; they want individuals who can implement, integrate, and run a variety of software platforms crucial for modern businesses. A recent Forbes case study explored dynamic areas like cybersecurity, ...
1 year ago Cysecurity.news
Salesforce CLI Installer Vulnerability Exposes Users to Potential Attacks - A critical vulnerability has been discovered in the Salesforce CLI installer, posing significant security risks to users. This flaw allows attackers to exploit the installation process, potentially leading to unauthorized access and system ...
2 months ago Cybersecuritynews.com CVE-2024-XXXX
Patch Now: Attackers Pummel Critical, Easy-to-Exploit OwnCloud Flaw - Hackers are actively exploiting a critical flaw in the open source ownCloud platform that allows access to access admin passwords, mail server credentials, and license keys, exposing their enterprise to data breaches or other types of malicious ...
1 year ago Darkreading.com CVE-2023-49103 CVE-2023-49105 CVE-2023-49104
ShinyHunters starts leaking data stolen in Salesforce attacks - ShinyHunters, a notorious cybercriminal group, has begun leaking data stolen from recent Salesforce attacks. This development marks a significant escalation in the ongoing cyber threats targeting major cloud service providers. The leaked data ...
1 month ago Bleepingcomputer.com ShinyHunters
SalesLoft March GitHub repo breach led to Salesforce data theft attacks - In March 2024, SalesLoft experienced a significant security breach when attackers accessed a GitHub repository, leading to a data theft incident targeting Salesforce customers. The breach exposed sensitive information that threat actors leveraged to ...
2 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)