Cyber Group UNC6040 Tricks Users into Installing Malicious Salesforce App

The UNC6040 group, tracked by Google, has successfully deceived users into installing a malicious version of a Salesforce application. This tactic allowed them to access and steal data from the platform. Although specific technical details of the attack are not mentioned, it is clear that the goal was to compromise sensitive data stored on Salesforce.