The threat actor ShinyHunters is leveraging a modified version of the AuraInspector tool to exploit misconfigured Salesforce Experience sites. By targeting overly permissive guest user profiles, attackers can interact with backend Aura endpoints to enumerate and exfiltrate sensitive corporate data without requiring authentication.