Salesforce disables Klue integration following OAuth token supply chain attack
Salesforce has disabled the Klue Battlecards app integration after a security breach at the competitive intelligence firm exposed customer data. The incident originated from a compromised legacy credential within Klue's infrastructure, which allowed an extort…
The threat actors used these stolen tokens to query Salesforce REST APIs and exfiltrate large volumes of customer relationship management data. Security researchers observed automated scripts running… [+925 chars]