Market intelligence platform Klue fell victim to an OAuth breach that enabled threat actors dubbed 'Icarus' to steal Salesforce CRM data from multiple organizations. The breach is part of an ongoing extortion campaign targeting enterprise customers.
The OAuth vulnerability in Klue's systems provided attackers unauthorized access to connected Salesforce instances across affected clients. Icarus operators leveraged this access to exfiltrate sensitive customer relationship data, subsequently using the stolen information as leverage in extortion demands.
The attack highlights growing risks associated with OAuth integrations between third-party platforms and enterprise applications. Market intelligence tools like Klue often maintain broad access permissions to customer data systems, creating high-value targets for threat actors.
Klue has not yet released detailed technical information about the breach's scope or timeline. Security researchers tracking the Icarus group indicate the campaign has targeted multiple SaaS platforms over recent months, suggesting a pattern of exploiting integration vulnerabilities.
Organizations using Klue are advised to review OAuth permissions, audit recent Salesforce access logs, and monitor for extortion communications from the threat actors.
Let's Encrypt experienced widespread certificate renewal failures today, according to the service status page. The incident affected numerous users attempting to renew their SSL certificates.
Microsoft has identified a lightweight backdoor malware that targets cryptocurrency wallets and spreads via USB drives. The malware, known as Crypto Clipper, communicates through the Tor network to evade detection.
India's government told the Delhi High Court that Telegram acknowledged its inability to proactively detect channels selling leaked exam papers. The platform was warned two weeks before being blocked in the country.
Australia's communications regulator will require businesses to register their SMS and MMS sender identities. The move aims to combat spam and fraudulent messaging.