Salesforce has warned customers that it has identified a campaign in which threat actors are exploiting customers’ overly permissive guest user settings to potentially access more data than targeted businesses intended.
“Evidence indicates the threat actor is leveraging a modified version of the open-source tool Aura Inspector (originally developed by Mandiant) to perform mass scanning of public-facing Experience Cloud sites,” the statement read.
Although the original Aura Inspector only identifies objects exposed to guest users by probing the API endpoints that these sites expose, the attacker has developed a custom version of the tool that goes beyond identification to exfiltrate the data it finds.
All Eyes on ShinyHunters
In screenshots from its leak site published on X, the notorious extortion gang ShinyHunters says it breached “several hundreds” of businesses. It claims to have compromised approximately 400 websites and 100 “high-profile companies.”
This points to ShinyHunters as the likely culprit, using the contact details cited by Salesforce, harvested through the website intrusions, to perform follow-on social engineering, network intrusions, and broader data theft.
Since mid-2025, ShinyHunters has been targeting many Salesforce accounts using social engineering and other techniques. The data breaches revealed last year led to millions of data records being compromised and leaked by the group.
According to Salesforce, all of these data breaches were due to phishing attacks, exploitation of third-party integrations, or misconfigurations, and not due to any vulnerabilities in their products or systems.
Salesforce said: “We have identified a campaign in which malicious actors are exploiting customers’ overly permissive Experience Cloud guest user configurations to potentially access more data than targeted organizations intended.”
The company stressed that its platform remains secure and that the issue does not stem from any vulnerability inherent to it. “Our investigation to date confirms that this activity relates to a customer-configured guest user setting, not a platform security flaw. We are publishing this guidance to help our customers assess and take appropriate action to secure their environment.”
Consider Two Levels of Protection
Vincenzo Lozzo, CEO and Co-founder at SlashID, said security teams should consider two levels of protection right now. “The first and most impactful step is to verify and disable API access on guest user profiles across all of your Salesforce tenants. If that’s not possible, because the site’s functionality depends on it, the second option is to minimize the access guest profiles have to Salesforce Objects, particularly sensitive ones like Cases, which can contain secrets or other sensitive data that attackers can use to move laterally.”
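The two levels Lozzo describes can be checked from metadata rather than by clicking through Setup for every tenant. The following Python is an added example, not code from Salesforce, SlashID or this article. It runs offline on constructed records shaped like the REST API's SOQL results for Profile, ObjectPermissions and EntityDefinition; the SOQL strings, the sensitive-object list and the license name 'Guest User License' are assumptions to confirm against your own org. It goes one step beyond the quoted advice by also reporting sensitive objects whose org-wide default external access is not Private.

```python
"""Audit guest user exposure for Experience Cloud sites from Salesforce metadata.

Added example (not Salesforce, SlashID or article code). Input records are
shaped like REST API SOQL results; the samples below are constructed, and the
license name 'Guest User License' is an assumption to confirm in your org.
"""
from dataclasses import dataclass

# SOQL that produces the input records (REST API, Workbench or sf CLI).
GUEST_PROFILE_SOQL = (
    "SELECT Id, Name, PermissionsApiEnabled, PermissionsViewAllData "
    "FROM Profile WHERE UserLicense.Name = 'Guest User License'"
)
GUEST_OBJECT_PERMS_SOQL = (
    "SELECT Parent.ProfileId, SObjectType, PermissionsRead, PermissionsViewAllRecords "
    "FROM ObjectPermissions WHERE Parent.IsOwnedByProfile = true"
)
EXTERNAL_OWD_SOQL = (
    "SELECT QualifiedApiName, ExternalSharingModel FROM EntityDefinition "
    "WHERE QualifiedApiName IN ('Account', 'Contact', 'Case', 'Lead', 'Opportunity')"
)

# Standard objects that routinely hold customer PII or secrets; add your custom objects.
SENSITIVE_OBJECTS = {"Account", "Contact", "Case", "Lead", "Opportunity", "User", "ContentVersion"}
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2}


@dataclass(frozen=True)
class Finding:
    subject: str    # guest profile name, or "org-wide defaults"
    severity: str
    detail: str


def audit_guest_access(profiles, object_perms, entity_defs):
    """Return findings sorted by severity. `profiles` holds guest profiles only;
    object permissions owned by any other profile are ignored."""
    findings = []
    guest_names = {p["Id"]: p["Name"] for p in profiles}

    # Level 1: API access on the guest profile itself.
    for p in profiles:
        if p.get("PermissionsApiEnabled"):
            findings.append(Finding(p["Name"], "high",
                "API Enabled: unauthenticated callers can query data through the API; "
                "disable it unless the site depends on it"))
        if p.get("PermissionsViewAllData"):
            findings.append(Finding(p["Name"], "critical",
                "View All Data: guest can read every record of every object"))

    # Level 2: object-level read on sensitive objects, reported regardless of the API flag.
    for op in object_perms:
        name = guest_names.get(op["Parent"]["ProfileId"])
        obj = op["SObjectType"]
        if name is None or obj not in SENSITIVE_OBJECTS or not op.get("PermissionsRead"):
            continue
        if op.get("PermissionsViewAllRecords"):
            findings.append(Finding(name, "critical",
                f"Read + View All Records on {obj}: every record is reachable, sharing rules do not apply"))
        else:
            findings.append(Finding(name, "high",
                f"Read on {obj}: remove it, or limit records through guest user sharing rules"))

    # Org-wide default external access on sensitive objects.
    for ed in entity_defs:
        obj, model = ed["QualifiedApiName"], ed.get("ExternalSharingModel")
        if obj in SENSITIVE_OBJECTS and model != "Private":
            findings.append(Finding("org-wide defaults", "medium",
                f"{obj} default external access is {model}; set it to Private"))

    return sorted(findings, key=lambda f: SEVERITY_RANK[f.severity])


def worst_severity(findings):
    """Highest severity present, or 'none' for a clean tenant."""
    return min((f.severity for f in findings), key=SEVERITY_RANK.__getitem__, default="none")


# Constructed sample records in the shape the queries above return.
SAMPLE_PROFILES = [
    {"Id": "00e000000000001AAA", "Name": "Customer Portal Guest User",
     "PermissionsApiEnabled": True, "PermissionsViewAllData": False},
    {"Id": "00e000000000002AAA", "Name": "Help Center Guest User",
     "PermissionsApiEnabled": False, "PermissionsViewAllData": False},
]
SAMPLE_OBJECT_PERMS = [
    {"Parent": {"ProfileId": "00e000000000001AAA"}, "SObjectType": "Case",
     "PermissionsRead": True, "PermissionsViewAllRecords": True},
    {"Parent": {"ProfileId": "00e000000000001AAA"}, "SObjectType": "Knowledge__kav",
     "PermissionsRead": True, "PermissionsViewAllRecords": False},
    {"Parent": {"ProfileId": "00e000000000002AAA"}, "SObjectType": "Contact",
     "PermissionsRead": True, "PermissionsViewAllRecords": False},
    {"Parent": {"ProfileId": "00e000000000009AAA"}, "SObjectType": "Contact",   # internal profile, ignored
     "PermissionsRead": True, "PermissionsViewAllRecords": False},
]
SAMPLE_ENTITY_DEFS = [
    {"QualifiedApiName": "Case", "ExternalSharingModel": "ReadWrite"},
    {"QualifiedApiName": "Account", "ExternalSharingModel": "Private"},
]

if __name__ == "__main__":
    for f in audit_guest_access(SAMPLE_PROFILES, SAMPLE_OBJECT_PERMS, SAMPLE_ENTITY_DEFS):
        print(f"[{f.severity.upper():8}] {f.subject}: {f.detail}")
```

Run the three queries against each tenant, pass the returned records to audit_guest_access, and treat any critical finding as a blocker for the site. Record-level access for guest users is ultimately granted by guest user sharing rules, which this audit does not read; it covers the profile flags, object-level permissions and the external default only.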
Lozzo added that Salesforce is an attractive target for malefactors for a few reasons. “First, Salesforce instances often contain highly sensitive customer data including credentials and secrets that can be used for lateral movement as we’ve seen with the Drift breach. Second, Salesforce makes it relatively hard for security teams to detect attacks, and very few SOC teams have deep knowledge of Salesforce internals.”
Third, he said Salesforce has an incredibly complex and not very well understood access control architecture: profiles, permission sets, sharing rules, org-wide defaults, and object-level security, which lends itself to accidental data exposure and privilege escalation. “And when you add the third-party app ecosystem and OAuth integrations on top of that, the attack surface multiplies well beyond what any single security team can realistically monitor. This is a much easier target to go after than a heavily guarded endpoint or server.”
Notoriously Hard to Secure
Trey Ford, Chief Strategy and Trust Officer at Bugcrowd, added that platform ecosystems are notoriously hard to secure because the way they’re compromised is not easily scanned for using automation. “This is specifically because these application stacks use non-human identities (NHI) and have deep integrations with other software and data platforms. Trust relationships, and long-lived and poorly monitored credentials grant access to treasure troves of systems and data.”
Ford said that by targeting and compromising software trusted to communicate, query, or operate in the context of the Salesforce integration, attackers create a threat to the Salesforce ecosystem that Salesforce cannot directly secure: the failure is in the third-party integrations.
“When a specific integration or vulnerability from the ecosystem is identified by the threat actor, they work to scan for similar vulnerable patterns – and Salesforce is doing the right thing to raise awareness to these attack paths. Over the last 5-10 years we’ve seen a number of SaaS security startups specifically aimed at permissions for human and NHI accounts, the scope of permissions applied, and the age and usage of those credentials.”
Companies need to review those integration and account access patterns, and take steps to harden their usage, apply IP integration limits where possible, and use the latest reference patterns for authentication and authorization for their integrations, Ford added.
Widespread Compromise is Preventable
Louis Eichenbaum, Federal CTO at ColorTokens, commented that although the attack happens in a SaaS platform, the methodology closely mirrors traditional lateral movement inside enterprise networks. “Adversaries identify accessible resources, traverse relationships between data objects, and progressively expand access until valuable information can be extracted.
“This pattern reinforces a critical cybersecurity principle that breaches are inevitable, but widespread compromise is preventable. Organizations must design architectures that contain threats after initial access, limiting an attacker’s ability to move across systems, applications, or data environments,” Eichenbaum said.
This campaign highlights the importance of least-privilege access, continuous configuration monitoring, and automated containment controls across cloud and SaaS platforms, using microsegmentation strategies, he continued. “As digital environments expand beyond traditional networks, resilience strategies must evolve to ensure that even when a system is exposed or misconfigured, attackers cannot pivot further into mission-critical assets.”
Eichenbaum says the problem is that when businesses enable Salesforce Experience Cloud or create a public Salesforce site, the platform automatically creates a Guest User profile. “This profile allows unauthenticated visitors to access the site. I would recommend that Salesforce disable the automatic creation of guest user profiles and let organizations decide if they want to create a guest account.”
An Access Governance Issue
Shane Barney, Chief Information Security Officer at Keeper Security, said: “Automated tools can quickly identify environments where access controls are too permissive and extract accessible data in a matter of minutes, amplifying both the scale and potential impact. Any system exposed to the internet must be configured with the expectation that it will be continuously scanned.”
At its core, Barney said this is an access governance issue. “Guest accounts, service accounts and API integrations must be treated with the same discipline as privileged users. Applying least privilege, restricting API access and continuously auditing permissions are foundational security controls. Privileged access management plays an important role here by providing visibility and control over who, or what, can access sensitive systems and data, including non-human identities and externally exposed accounts.
“In cloud environments, identity defines the security boundary. Organizations that maintain clear oversight of permissions and enforce strong access controls significantly reduce the risk of unintended data exposure,” Barney added.
The Path of Least Resistance
Jason Soroko, Senior Fellow at Sectigo, said: “Security teams must immediately audit their guest user settings to enforce a strict least-privilege model. Critical actions include setting the default external access for all objects to ‘Private,’ explicitly unchecking ‘API Enabled’ in the guest user profile’s system permissions to block unauthenticated queries to the `/s/sfsites/aura` endpoint, restricting user visibility, and scrutinizing Aura Event Monitoring logs for anomalous data extraction.”
Soroko added that from the gang’s standpoint, this is a disciplined and logical shift toward a path of least resistance. “Rather than expending heavy resources to engineer zero-day exploits or breach hardened perimeters, threat actors recognize the superior return on investment in targeting these configuration gaps. Their approach is capitalizing on the fact that advanced security architectures are bypassed if a single overly permissive guest setting leaves the data accessible to anyone who asks.”
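Soroko's last item, reviewing request logs for anomalous extraction, is the kind of check that can run as code. The following Python is an added example, not Salesforce tooling or code from the article's sources. It assumes a CSV export with the columns TIMESTAMP_DERIVED, USER_ID, SOURCE_IP and URI (confirm the field names of the event type you actually export), and the guest user IDs and the log lines are constructed. It flags a source IP that hits the Aura endpoint as a guest user more than a threshold number of times inside a sliding window, and any IP that uses the guest users of more than one site, which is what mass scanning across Experience Cloud sites looks like from inside a single org.

```python
"""Flag mass scraping of the Aura endpoint by guest users in Salesforce request logs.

Added example, not Salesforce tooling. Assumes a CSV export with the columns
TIMESTAMP_DERIVED, USER_ID, SOURCE_IP and URI (confirm the field names of the
event type you export); guest user IDs and the log lines are constructed.
"""
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

AURA_PATH = "/s/sfsites/aura"      # Aura framework endpoint behind every Experience Cloud site
WINDOW = timedelta(seconds=60)
MAX_REQUESTS_PER_WINDOW = 20       # tune to the site's normal guest traffic

# Assumed: guest user record ID per site, e.g. from
# SELECT Id, Name FROM User WHERE UserType = 'Guest'
GUEST_USERS = {
    "0053k00000GuestAAA": "help-center",
    "0053k00000GuestBBB": "partner-portal",
}


def build_sample_log() -> str:
    """Constructed log: one IP hammers the help-center site and also probes the
    partner site; another IP browses normally; one row is an authenticated user."""
    base = datetime(2026, 1, 12, 14, 30, 0)

    def stamp(seconds):
        return (base + timedelta(seconds=seconds)).isoformat() + ".000Z"

    rows = ["TIMESTAMP_DERIVED,USER_ID,SOURCE_IP,URI"]
    rows += [f"{stamp(i)},0053k00000GuestAAA,203.0.113.7,/help/s/sfsites/aura" for i in range(25)]
    rows += [f"{stamp(40 + i)},0053k00000GuestBBB,203.0.113.7,/partners/s/sfsites/aura" for i in range(2)]
    rows += [f"{stamp(30 * i)},0053k00000GuestAAA,198.51.100.4,/help/s/sfsites/aura" for i in range(3)]
    rows.append(f"{stamp(5)},0053k00000StaffCCC,198.51.100.4,/help/s/sfsites/aura")
    return "\n".join(rows) + "\n"


def parse_events(text: str):
    """Return (timestamp, user_id, source_ip, uri) tuples for Aura requests, oldest first."""
    events = []
    for row in csv.DictReader(io.StringIO(text)):
        if AURA_PATH not in row["URI"]:
            continue
        ts = datetime.strptime(row["TIMESTAMP_DERIVED"], "%Y-%m-%dT%H:%M:%S.%fZ")
        events.append((ts, row["USER_ID"], row["SOURCE_IP"], row["URI"]))
    return sorted(events)


def detect_aura_scraping(events, window=WINDOW, max_requests=MAX_REQUESTS_PER_WINDOW):
    """Two signals: a burst of guest Aura requests from one IP inside the sliding
    window, and one IP touching the guest users of more than one site."""
    alerts = []
    recent = defaultdict(deque)          # ip -> request timestamps inside the window
    sites_seen = defaultdict(set)        # ip -> guest user IDs it has used
    rate_flagged = set()
    for ts, user, ip, _uri in events:
        if user not in GUEST_USERS:      # authenticated traffic is out of scope here
            continue
        sites_seen[ip].add(user)
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) > max_requests and ip not in rate_flagged:
            rate_flagged.add(ip)
            alerts.append({"ip": ip, "reason": "rate", "count": len(q), "at": ts.isoformat()})
    for ip, users in sites_seen.items():
        if len(users) > 1:
            alerts.append({"ip": ip, "reason": "multi-site",
                           "sites": sorted(GUEST_USERS[u] for u in users)})
    return alerts


if __name__ == "__main__":
    for alert in detect_aura_scraping(parse_events(build_sample_log())):
        print(alert)
```

The rate threshold is per source IP across all of the org's sites, so an actor rotating between sites does not reset it; a scanner that rotates source addresses will only trip the multi-site signal if it reuses an address, so pair this with the permission audit rather than relying on it alone.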
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.


