


The ShinyHunters hacking group has been exploiting misconfigured guest user profiles in Salesforce Experience Cloud sites to access sensitive data from hundreds of companies. The exposure stems not from platform vulnerabilities but from overly permissive guest user permissions that allow unauthenticated access to restricted Salesforce CRM objects. Salesforce urges admins to apply the principle of least privilege and offers concrete recommendations to secure guest user settings, such as auditing configurations, disabling unnecessary public API access, and tightening sharing settings. Salesforce professionals should prioritize reviewing and restricting permissions on guest profiles to prevent data leaks and reduce exposure to threats like social engineering and vishing attacks.
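One way to run the guest-profile audit recommended above, as an added example that is not code from Salesforce or from the original page. It assumes object permissions have been exported to CSV with the column layout shown (the permission columns follow the ObjectPermissions field names); the sample rows, profile names, and allowlist are constructed.

```python
"""Flag risky object permissions held by Experience Cloud guest profiles.

Input is a CSV export of ObjectPermissions rows; the column layout and the
sample rows below are constructed for this example.
"""
import csv
import io

# Constructed sample export (assumed columns: profile name, profile UserType,
# object API name, then the ObjectPermissions boolean fields).
SAMPLE_EXPORT = """ProfileName,UserType,SobjectType,PermissionsRead,PermissionsCreate,PermissionsEdit,PermissionsDelete,PermissionsViewAllRecords,PermissionsModifyAllRecords
Help Center Profile,Guest,Knowledge__kav,true,false,false,false,false,false
Help Center Profile,Guest,Contact,true,false,true,false,false,false
Help Center Profile,Guest,Case,true,true,false,false,true,false
Sales User,Standard,Account,true,true,true,true,false,false
"""

# Assumption: objects this hypothetical site intentionally exposes to guests.
ALLOWED_GUEST_READ = {"Knowledge__kav"}
WRITE_FLAGS = ("PermissionsCreate", "PermissionsEdit", "PermissionsDelete")
BROAD_FLAGS = ("PermissionsViewAllRecords", "PermissionsModifyAllRecords")


def audit_guest_permissions(export_text, allowed_read=ALLOWED_GUEST_READ):
    """Return (profile, object, reasons) for each guest grant beyond the allowlist."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["UserType"].strip().lower() != "guest":
            continue  # only unauthenticated (guest) profiles are in scope
        granted = {k for k, v in row.items()
                   if k.startswith("Permissions") and v.strip().lower() == "true"}
        reasons = []
        if "PermissionsRead" in granted and row["SobjectType"] not in allowed_read:
            reasons.append("read on non-allowlisted object")
        reasons += [f"write: {f}" for f in WRITE_FLAGS if f in granted]
        reasons += [f"broad: {f}" for f in BROAD_FLAGS if f in granted]
        if reasons:
            findings.append((row["ProfileName"], row["SobjectType"], reasons))
    return findings


if __name__ == "__main__":
    for profile, sobject, reasons in audit_guest_permissions(SAMPLE_EXPORT):
        print(f"{profile}: {sobject}: {', '.join(reasons)}")
```

Each finding is a candidate for removal from the guest profile unless the site has a documented need for it; object permissions are only one layer, so sharing settings still need a separate review.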
Clear, actionable security guidance specific to Salesforce Experience Cloud misconfigurations, with practical steps, though its tight focus on a 2025-2026 threat makes it somewhat time-bound.