The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.
Dark Reading

Salesforce 'Ghost Sites' Expose Sensitive Corporate Data

Salesforce customers are abandoning their sites without deactivating them, leaving sensitive corporate, vendor, and user data behind. The problem occurs within what the service calls "Communities," ...
Krebs on Security

Many Public Salesforce Sites are Leaking Private Data

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has ...