> TritonInfoSec News
Home / Jun 20, 2026 / Story
0
#5 The Hacker News general June 19, 2026 at 09:03 UTC

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

By [email protected] (The Hacker News)

AI Summary

Salesforce disabled the Klue Battlecards app integration on June 11, 2026 after threat actors abused OAuth tokens to exfiltrate data from customers' Salesforce environments. Victims include cybersecurity vendors Huntress and Recorded Future, making this the third Salesforce-integrated application compromised in a similar supply chain attack pattern. The 'Icarus' extortion group has claimed responsibility, and the incident underscores OAuth token abuse as a growing supply chain vector.

Read full article → https://thehackernews.com/2026/06/salesforce-disab…

Relevance score: 84.0/100

# More from June 20

  1. 1
    CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices The Hacker News
  2. 2
    Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites The Hacker News
  3. 3
    CISA: Splunk Enterprise flaw actively exploited, patch by Sunday BleepingComputer
  4. 4
    Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain The Hacker News
  5. 6
    F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution The Hacker News
  6. 7
    Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 The Hacker News
  7. 8
    The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes The Hacker News
  8. 9
    Texas govt data breach exposes over 3 million driver’s licenses BleepingComputer
  9. 10
    Critical Command Execution Vulnerability Patched in Cisco ISE SecurityWeek