Tagged: Klue

Diagram illustrating the Klue supply chain breach and compromised Salesforce OAuth tokens 0

Klue Supply Chain Breach Compromises LastPass Data

Target/Victims: Klue, LastPass, and others. Delivery Vector: Compromised integration service credentials from 2022. Key Capabilities: Unauthorized Salesforce CRM access via stolen OAuth tokens. Threat Actor: Icarus ransomware group (Suspected). Source: Klue, LastPass, and affected...

Klue OAuth breach diagram showing stolen OAuth tokens used to exfiltrate customer Salesforce data 0

Klue OAuth Breach Drives Salesforce Data Theft

The market intelligence platform Klue has confirmed a breach of part of its integration infrastructure. Attackers obtained OAuth tokens, the digital keys that grant access between services. With those keys, they slipped into the...