Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group.

In June, Google warned that a threat actor they classify as ‘UNC6040’ is targeting companies’ employees in voice phishing (vishing) social engineering attacks to breach Salesforce instances and download customer data. This data is then used to extort companies into paying a ransom to prevent the data from being leaked.

In a brief update to the article last night, Google said that it too fell victim to the same attack in June after one of its Salesforce CRM instances was breached and customer data was stolen.

Attackers used 11 Go and 2 npm packages to spread malware across platforms, putting open-source developers at risk.

Dear Friends and Colleagues, Please see some infographic resources I created to help capture some of the topics of the day. Thanks and best, Chuck

Ukraine’s CERT-UA warns of UAC-0099 and Gamaredon phishing attacks using custom malware and social lures.

Fake apps from VexTrio on Apple and Google stores mislead users, steal data, and charge hidden fees.

ClickFix malware replaced ClearFake in 2024, infecting users via fake CAPTCHAs and trusted platforms.