Salesforce threat landscape report – 2025 so far
New intelligence: Emerging threats targeting Salesforce workflows

Malicious activity in Salesforce has seen a surge since early 2023.
From hidden malware to AI-generated phishing, attackers are exploiting the trust and centrality of Salesforce to deliver increasingly sophisticated threats, often hidden in normal business workflows.
To help security teams respond, we’ve compiled a new report using fresh intelligence from live detections across global Salesforce deployments.
Who should read this:
- CISOs and risk owners assessing SaaS exposure
- Salesforce admins and architects managing access and integrations
- Security analysts tracking phishing and file-based threats
Based on real-world telemetry
Drawn from live threat detections across global Salesforce environments, via WithSecure™ Cloud Protection for Salesforce.
Why it matters
Salesforce is now part of the threat surface. Attackers don’t need exploits—they use access, trust, and the very workflows your teams rely on.
Get up to date on the Salesforce threat landscape
Get the latest Salesforce security intelligence today
Inside the report:
Detection trends and attack volumes from Q1 2025
How threats are hidden in files, QR codes, and URLs
Case studies of trust-based breaches
AI-powered phishing campaign analysis