> TritonInfoSec News
Home / Jun 24, 2026 / Story
0
#3 BleepingComputer general June 23, 2026 at 13:58 UTC

LastPass confirms data breach in Klue supply chain attack

By Bill Toulas

AI Summary

LastPass confirmed that attackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier in June 2026. This expands the scope of the Salesforce/Klue OAuth token compromise, now affecting a major password manager's customer data. Security teams should assess any third-party SaaS vendors using Klue for potential exposure and review OAuth token permissions across their Salesforce integrations.

Read full article → https://www.bleepingcomputer.com/news/security/las…

Relevance score: 89.0/100

# More from June 24

  1. 1
    FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation The Hacker News
  2. 2
    Scattered Spider Hackers Plead Guilty on Day 1 of Trial Krebs on Security
  3. 4
    Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration The Hacker News
  4. 5
    FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances SecurityWeek
  5. 6
    Five Eyes agencies sound alarm about AI’s threat to cybersecurity The Record
  6. 7
    FFmpeg fixes PixelSmash flaw in widely used video decoder BleepingComputer
  7. 8
    'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows Dark Reading
  8. 9
    Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks BleepingComputer
  9. 10
    WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool The Hacker News