Salesforce threat landscape report – 2025 so far

New intelligence: Emerging threats targeting Salesforce workflows

Malicious activity in Salesforce has seen a surge since early 2023.
From hidden malware to AI-generated phishing, attackers are exploiting the trust and centrality of Salesforce to deliver increasingly sophisticated threats, often hidden in normal business workflows.

To help security teams respond, we’ve compiled a new report using fresh intelligence from live detections across global Salesforce deployments.

Who should read this:

  • CISOs and risk owners assessing SaaS exposure
  • Salesforce admins and architects managing access and integrations
  • Security analysts tracking phishing and file-based threats

Based on real-world telemetry
Drawn from live threat detections across global Salesforce environments, via WithSecure™ Cloud Protection for Salesforce.

Why it matters
Salesforce is now part of the threat surface. Attackers don’t need exploits—they use access, trust, and the very workflows your teams rely on.

Get up to date on the Salesforce threat landscape

Required field.

Invalid field.

Required field.

Invalid field.

Required field.

Invalid field.

Required field.

Invalid field.

Phone number can only contain numbers, spaces, and these special characters: + () -.

Required field.

Invalid field.

Required field.

Invalid field.

We process the personal data you share with us in accordance with our Corporate Business Privacy Policy.