Hackers exploited a zero-day flaw in Salesforce email services, targeting Facebook in a phishing attack. #cybersecurity #emailsecurity #zeroday #phishing

Attackers bypassed the safeguard services of Salesforce by using sophisticated methods.

The phishing page used in the attack was hosted on the Facebook apps platform.

Salesforce's "Email-to-Case" feature was exploited by attackers to gain control of the username in generated email addresses.

The vulnerability has been resolved as of July 28, 2023, affecting all Salesforce services and instances. #vulnerabilityfix #Salesforce

Investigations are ongoing to determine why existing protections failed to stop the attacks. #investigationongoing #CyberSecurityNews