> TritonInfoSec News
Home / Jun 19, 2026 / Story
0
#8 BleepingComputer general June 18, 2026 at 14:19 UTC

Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks

By Lawrence Abrams

AI Summary

Market intelligence platform Klue suffered an OAuth breach that allowed the 'Icarus' threat actor to access and steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign — the third integrated Salesforce application compromised in this series, with victims including cybersecurity vendor Huntress. The pattern of third-party OAuth app compromises targeting Salesforce data signals a systematic supply-chain attack against CRM ecosystems.

Read full article → https://www.bleepingcomputer.com/news/security/klu…

Relevance score: 81.0/100

# More from June 19

  1. 1
    Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp BleepingComputer
  2. 2
    Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push SecurityWeek
  3. 3
    ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm Krebs on Security
  4. 4
    F5 issues out-of-band patches for critical NGINX vulnerabilities BleepingComputer
  5. 5
    Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure SecurityWeek
  6. 6
    Killing me gently: Inside Gentlemen’s EDR killer framework WeLiveSecurity (ESET)
  7. 7
    DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic The Hacker News
  8. 9
    Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April CyberScoop
  9. 10
    INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023 The Hacker News