Klue supply-chain breach exposes customers' Salesforce data
A dormant API credential let attackers compromise competitive-intelligence platform Klue and harvest OAuth tokens for customers' connected apps, exfiltrating Salesforce records from firms including Huntress and Recorded Future in a supply-chain attack later tied to the Icarus extortion group.
- Victim
- Klue (and customers including Huntress and Recorded Future)