Google Confirms Salesforce Database Breach by ShinyHunters Group

Threat Score:

The Cyber Express

13 hours ago

Part of cluster #1736

Overview

Google has confirmed that a corporate Salesforce database it used to manage small and medium business (SMB) contacts was compromised by a known cybercriminal group. The attackers, identified as ShinyHunters, tracked internally by Google as UNC6040, gained unauthorized access to the database in June 2025. In a blog post released Tuesday by Google’s Threat Intelligence Group (GTIG), the company stated that attackers were able to retrieve “basic and largely publicly available business information, ...

Continue Reading on Original Site

5 articles

CVE-2025-48913: Apache CXF: Untrusted JMS configuration can lead to RCE

OSS Security • 5 hours ago

oss-secmailing list archives CVE-2025-48913: Apache CXF: Untrusted JMS configuration can lead to RCE Current thread: CVE-2025-48913: Apache CXF: Untrusted JMS configuration can lead to RCEColm O hEigeartaigh (Aug 07)

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 7 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability

Cybersecurity News • 5 hours ago

Cybersecurity firm SonicWall has officially addressed recent concerns a potential new zero-day vulnerability in its Secure Sockets Layer Virtual Private Network (SSLVPN) products. In a statement to Cybersecurity News, the company confirmed that recent ransomware attacks are not the result of a new flaw, but are instead linked to a previously identified and patched […]

Score

Business Associate Data Breaches Affect Florida Healthcare Providers

Hipaajournal • 8 hours ago

PhyNet Dermatology, a business associate of Premier Dermatology Partners, has identified unauthorized access to an email account containing patient information. […]

Score

Microsoft patched a critical vulnerability in its NLWeb AI search tool – but there's no CVE (yet)

IT Pro Security • 8 hours ago

Researchers found an unauthenticated path traversal bug in the tool debuted at Microsoft Build in May

Score

ATTACK TYPES

Data Exfiltration

Phishing

Ransomware

Social Engineering

Voice Phishing

COMPANIES

Google

Okta

Salesforce

SECURITY VENDORS

Okta

PLATFORMS

Salesforce

APT GROUPS

ShinyHunters

UNC6040

RANSOMWARE

Evolution

One

Python

mimic

MITRE ATT&CK

Phishing

T1040

T1053

T1059

T1070.001

INDUSTRIES

Cloud Services

Cybersecurity

Technology

VULNERABILITIES

Social Engineering

ARTICLE INFORMATION

Article #9596

Published 13 hours ago

The Cyber Express

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

CVE-2025-48913: Apache CXF: Untrusted JMS configuration can lead to RCE

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability

Business Associate Data Breaches Affect Florida Healthcare Providers

Microsoft patched a critical vulnerability in its NLWeb AI search tool – but there's no CVE (yet)

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies