📈 Read the 2026 Salesforce Threat Landscape Report

Download the 2026 Salesforce Threat Landscape Report

Inside the report:

Detection trends and the 700% surge in attack volumes across 2025

How 98% of threats bypass traditional defenses through malicious URLs

Real-world breach case studies, from supply-chain compromises to identity abuse

Emerging risks from Salesforce AI agents and prompt injection attacks

Required field.

Please enter a valid business email address.

Invalid field.

Required field.

Enter your first and last name, separated by a space.

Required field.

Invalid field.

Required field.

Invalid field.

Phone number can only contain numbers, spaces, and these special characters: + () -.

Required field.

Invalid field.

We process the personal data you share with us in accordance with our Corporate Business Privacy Policy.

The 2026 Salesforce Threat Landscape

Malicious activity in Salesforce environments increased by over 700% in 2025. Is your organization prepared for what’s coming?

Download the 2026 Salesforce Threat Landscape Report

What you’ll learn

  • Why detections surged 700% — and what that tells us about attacker priorities shifting toward cloud platforms
  • The real attack vectors — 98% of malicious detections were URL based, not file based, and traditional defenses aren’t enough
  • How AitM quishing works — QR code phishing campaigns using Tycoon 2FA kits are bypassing MFA at scale, with 58% of targets in the US
  • Supply chain risks you may have missed — real world incidents involving Salesloft, Drift, and Gainsight that exposed Salesforce orgs through third party integrations
  • The emerging AI attack surface — how Salesforce agents and automation introduce new vectors, including prompt injection via standard web forms
  • Actionable mitigations — concrete steps for identity governance, integration risk management, anomaly detection, and incident response

Key insights

  • 83% of all malicious detections were a single threat category
  • 98% of threats came through URLs, not files
  • 700% increase in detections from Q1 to Q4 2025
  • 6 publicly reported incidents analyzed in detail

The report is written by Karmina Aquino, Head of Threat Intelligence for Cloud Protection for Salesforce. With over two decades in the cybersecurity industry, she brings expertise in threat detection, threat analysis, and threat intelligence.

Download the 2026 Salesforce Threat Landscape Report

What is Cloud Protection for Salesforce by WithSecure™?

  • Cloud Protection for Salesforce is an industry-leading malware protection solution for Salesforce trusted by dozens of Fortune 500 companies
  • The native app is available in AppExchange and is up and running in minutes.
  • Salesforce does not scan files and URLs for malware or phishing. We do.
Read more about the product

Salesforce Threat Landscape Report 2026

Download the report