A group Google is tracking as UNC6040 has been tricking users into installing a malicious version of a Salesforce app to gain access to and steal data from the platform.
First seen on darkreading.com
Jump to article: www.darkreading.com/application-security/vishing-crew-salesforce-data
