Spring '26 started rolling to production orgs this week, Setup with Agentforce enters beta, and a long-running breach saga claimed another high-profile victim. Here's what Salesforce practitioners need to know.
Top Stories
Spring '26 Production Rollouts Begin
The first wave of Spring '26 production upgrades hit orgs on January 16, with additional rollouts scheduled for February 13 and February 20 depending on your instance. Sandbox previews have been available since January 9 for those who wanted to test early. Key features in this release include the new Sales Workspace (bringing agents, analytics, and predictive insights into a unified hub), a Kanban Board Screen Component for Flow, and collapsible Decision and Loop elements in Flow Builder.
Why it matters: If you haven't checked your org's upgrade date, now is the time. The release includes some breaking changes, notably the deprecation of Connected Apps in favor of External Client Apps, and a reminder that automatic instance redirects are gone - your integrations should be using My Domain URLs. Check your sandbox first if you haven't already.
Setup with Agentforce Enters Beta
Starting this month, Setup with Agentforce is available as a beta feature. The new experience puts an AI prompt bar directly on the Setup home page, along with recommendations and actionable metrics from your org. If you tried the "Agent for Setup" preview at TDX 2025, this is a significant evolution - it's now designed to help with everyday admin tasks like user management and password resets, available from every page in Setup.
Why it matters: This is Salesforce betting that Agentforce will become the default way admins interact with the platform. For those building admin muscle memory, it's worth trying the beta now to understand how AI-assisted administration will work. Early feedback from the community suggests it's genuinely useful for routine tasks, though complex configurations still require traditional navigation.
Claude 3.7 Sonnet Migration Expected in February
According to Spring '26 release notes, Salesforce is preparing to migrate Einstein features from Claude 3.5 Sonnet v1 to Claude 3.7 Sonnet, with documentation indicating a February 7, 2026 cutover. This applies to generative AI features powered by the Anthropic model through the Einstein platform. Salesforce advises organizations to test their agents and AI features with the new model before the transition.
Why it matters: Model upgrades can change AI behavior in subtle ways. If you have agents in production, especially those with specific prompt engineering or expected output formats, schedule time to test them in sandbox before the migration. Claude 3.7 offers improved reasoning capabilities, but "improved" doesn't always mean "behaves exactly the same."
Industry Spotlight: Financial Services
Grubhub was confirmed this week as the latest victim in the ongoing ShinyHunters breach campaign that exploited stolen Salesforce OAuth tokens. The attackers accessed names, emails, phone numbers, and partial payment card details through credentials originally stolen in the Salesloft Drift attacks last August. At least 31 companies have now been confirmed as affected by this campaign, and Grubhub is now facing class action litigation in federal court.
For Financial Services organizations, this is a reminder that your Salesforce security posture is only as strong as your weakest integration. The breach exploited OAuth tokens from a third-party integration - not a vulnerability in Salesforce itself. Audit your connected apps, review token permissions, and consider whether legacy integrations still need the access they were originally granted. The Conga Composer security concerns raised this week (separate issue, same theme) underscore that third-party AppExchange packages deserve ongoing security review, not just initial evaluation.
Recommended Trail
Identity for Customers (~1 hour 30 minutes)
Given this week's breach news, it's a good time to revisit identity and access fundamentals. This module covers how Salesforce manages customer identity, including OAuth flows, connected apps, and authentication patterns. Understanding these concepts is essential for evaluating integration security - exactly the kind of knowledge that helps you spot risky configurations before they become breach headlines.
Quick Takes
- Salesforce Admin Exam Updated for 2026: The Platform Administrator certification exam now includes more Agentforce content and less traditional configuration coverage. If you're planning to certify or recertify this year, the study materials have shifted.
- 2025-26 Salary Survey Results Released: Salesforce Ben published their annual salary survey results this week. The report covers ecosystem demographics, job market conditions, which skills and certifications are making a difference, and current compensation trends.
- Agentblazer 2026 Status Coming: Trailhead is adding new modules to the Agentblazer program throughout 2026. Complete the current trails now to get a head start on earning your 2026 status when it launches.
That's a Wrap
Between the Spring '26 rollout, the Claude 3.7 migration, and yet another reminder about integration security, this week had a bit of everything. Questions about any of these updates or how they might affect your Salesforce org? Get in touch - always happy to discuss.