SecurityWeek

Salesforce AI Hack Enabled CRM Data Theft

Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.
Dark Reading

Salesforce AI Agents Forced to Leak Sensitive Data

Salesforce Web forms can be manipulated by the company's "Agentforce" autonomous agent into exfiltrating customer relationship management (CRM) data — a concerning development as legacy ...