ShinyHunters claims ongoing Salesforce Aura data theft attacks
The ShinyHunters group claims to be actively stealing data from Salesforce Experience Cloud platforms by exploiting misconfigurations that grant excessive permissions to guest users. Salesforce advises customers to audit and reduce guest user permissions to the minimum required, disable guest access to public APIs, and remove the API Enabled setting from the guest profile to mitigate these attacks.
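An added example, not from the original article or from Salesforce: a Python check over a guest user profile retrieved as metadata XML that reports whether API Enabled is set and which objects carry access beyond read. The sample profile is constructed, and treating every non-read object flag as a finding is this example's assumption.

```python
import xml.etree.ElementTree as ET

NS = {"sf": "http://soap.sforce.com/2006/04/metadata"}
# Object flags beyond plain read. Flagging all of them on a guest
# profile is this example's assumption, not a Salesforce rule.
EXCESS_FLAGS = ("allowCreate", "allowEdit", "allowDelete",
                "viewAllRecords", "modifyAllRecords")

# Constructed sample shaped like a retrieved guest-user profile file.
SAMPLE_PROFILE = """<Profile xmlns="http://soap.sforce.com/2006/04/metadata">
  <objectPermissions>
    <allowCreate>false</allowCreate><allowDelete>false</allowDelete>
    <allowEdit>true</allowEdit><allowRead>true</allowRead>
    <modifyAllRecords>false</modifyAllRecords>
    <viewAllRecords>true</viewAllRecords>
    <object>Account</object>
  </objectPermissions>
  <objectPermissions>
    <allowCreate>false</allowCreate><allowDelete>false</allowDelete>
    <allowEdit>false</allowEdit><allowRead>true</allowRead>
    <modifyAllRecords>false</modifyAllRecords>
    <viewAllRecords>false</viewAllRecords>
    <object>Knowledge__kav</object>
  </objectPermissions>
  <userPermissions><enabled>true</enabled><name>ApiEnabled</name></userPermissions>
  <userPermissions><enabled>false</enabled><name>ViewAllData</name></userPermissions>
</Profile>"""

def _flag(node, tag):
    """True when the child element <tag> of node holds the text 'true'."""
    return node.findtext(f"sf:{tag}", default="false", namespaces=NS).strip() == "true"

def audit_guest_profile(xml_text):
    """Summarise what a guest profile grants so it can be cut to the minimum."""
    root = ET.fromstring(xml_text)
    enabled = [u.findtext("sf:name", default="", namespaces=NS).strip()
               for u in root.findall("sf:userPermissions", NS) if _flag(u, "enabled")]
    excess, readable = {}, []
    for perm in root.findall("sf:objectPermissions", NS):
        obj = perm.findtext("sf:object", default="?", namespaces=NS).strip()
        if _flag(perm, "allowRead"):
            readable.append(obj)          # each of these needs a business reason
        granted = [f for f in EXCESS_FLAGS if _flag(perm, f)]
        if granted:
            excess[obj] = granted         # guest access beyond read
    return {"api_enabled": "ApiEnabled" in enabled, "enabled_user_perms": enabled,
            "excess": excess, "readable": sorted(readable)}

if __name__ == "__main__":
    print(audit_guest_profile(SAMPLE_PROFILE))
```
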