The FBI has issued a warning about two cybercriminal groups, UNC6040 and UNC6395, that are exploiting Salesforce environments to steal data and extort organizations. These groups have employed various tactics, including social engineering and the use of compromised OAuth tokens, impacting many well-known companies and revealing sensitive information in their attacks. The FBI has released indicators of compromise to help organizations bolster their defenses against these threats.