AppExchange — Cyber Threats, Attacks & Incidents

Threat entity extracted from intelligence sources

Frequency
11
occurrences
First Seen
November 20, 2025
Last Seen
April 13, 2026

AppExchange is a technology platform tracked across 4 threat clusters and 11 intelligence report mentions on ThreatCluster. First observed November 20, 2025; most recent activity April 13, 2026.

Overview

AppExchange is Salesforce's enterprise app marketplace and integration platform that hosts third‑party apps and connectors (such as Gainsight) used inside Salesforce environments. It enables installation and data flows between apps and Salesforce orgs, but security incidents involving hosted apps or tokens can enable attackers to access customer data across connected environments.

Related Threat Clusters

Recent Intelligence Reports

  • US cloud software company Salesforce to slash — Firstpost · April 13, 2026
  • ShinyHunters 'does not like Salesforce at all' — Theregister · November 22, 2025
  • ShinyHunters 'does not like Salesforce at all,' claims the crew accessed Gainsight 3 months ago — Theregister · November 21, 2025
  • Salesforce Confirms New Breach Linked to Gainsight Apps — Techrepublic · November 21, 2025
  • OAuth token compromise hits Salesforce ecosystem again, Gainsight impacted — Csoonline · November 21, 2025
  • New Gainsight Supply Chain Hack Could Affect Salesforce Customers — Infosecurity-Magazine · November 21, 2025
  • Another Salesforce-linked data breach has ShinyHunters' fingerprints all over it — Theregister · November 20, 2025
  • Another Salesforce-linked data breach has ShinyHunters’ fingerprints all over it — Theregister · November 20, 2025

CVSS v3.1 Breakdown