Salesforce Aura Data Theft

Thursday, March 19, 2026 12 p.m. ET | 4 p.m. GMT Matt Radolec, David Gibson

ShinyHunters has once again placed Salesforce customers in their crosshairs – this time abusing guest user misconfigurations in public-facing Experience Cloud sites.

The group claims to have compromised 400 organizations by pairing these overly-permissive settings with a modified version of the AuraInspector auditing tool to query Salesforce CRM objects without authentication.

Join Matt and David for the latest episode of State of Cybercrime as they break down how this campaign fits squarely into the ShinyHunters playbook. They will also explore emerging AI security risks and examine the shifting momentum in the race to define the dominant LLM platform.

Your seat is saved!

You’ll receive a confirmation email from Zoom shortly. Contact us if you do not receive it within 24 hours.

Add to calendar (.ics)

About the series

In today's digital landscape, no industry is safe from cybercrime. Hackers continue to exploit vulnerabilities across sectors, leading to highly destructive breaches.

Our State of Cybercrime series sheds light on the latest high-profile attacks while providing actionable insights across every industry.

This episode's segments include...

Is there any good news?
AI Vey — because we can't not talk about AI
The latest Vulnerable Vulnerabilities
The highway to the Danger Zone
Live Q&A

Show hosts:

Matt Radolec

VP of Incident Response, Cloud Operations & SE, Varonis

David Gibson

Senior VP of Strategic Programs, Varonis

State of Cybercrime:

Salesforce Aura Data Theft

Your seat is saved!

About the series

This episode's segments include...

Show hosts:

ABOUT STATE OF CYBERCRIME

TRY VARONIS FOR FREE.