SecurityBleepingComputerabout 3 hours ago

Klue OAuth breach expands as Icarus group claims attack

1 min read

Klue confirmed attackers stole OAuth tokens for Salesforce integrations after a June 12 breach using a compromised legacy credential. The Icarus extortion group publicly claimed the attack. Huntress and ReliaQuest detailed how stolen tokens enabled large-scale Salesforce data theft via Python scripts. Klue revoked credentials and engaged CrowdStrike.

Level

Hype check

Tap to vote and see what everyone thinks.

#klue #oauth #breach

Klue OAuth breach expands as Icarus group claims attack

More to chew on!

More to chew on!