CSOonline

Insecure Apex code plagues many Salesforce deployments

Vulnerabilities created by insecure code could lead to data leakage or corruption, and the burden is on Salesforce customers to mitigate. Security researchers warn that many organizations have ...
CSOonline

Attackers steal data from Salesforce instances via compromised AI live chat tool

A threat actor managed to obtain Salesforce OAuth tokens from a third-party integration called Salesloft Drift and used the tokens to download large volumes of data from impacted Salesforce instances.