Salesforce Disables Klue App Over OAuth Token Abuse

Salesforce disabled the Klue Battlecards app integration after detecting unusual activity that led to unauthorized customer data access. An extortion group called Icarus compromised Klue's integration infrastructure using a legacy credential, stealing OAuth tokens to access Salesforce-connected customer environments including Huntress.