Executive Summary The threat group known as ShinyHunters is actively exploiting misconfigurations in Salesforce Experience Cloud and a externally developed security auditing tool to exfiltrate sensitive data from hundreds of high-profile organizations. By repurposing Mandiant’s AuraInspector tool, the actors identify guest user profiles with excessive permissions that allow for the direct querying of internal CRM objects. The...