Threat Intelligence Report

Detecting the Klue supply chain attack in Salesforce instances

📅 June 23, 2026 📰 securitylabs.datadoghq.com 🔍 0 CVE(s) referenced

A single compromised OAuth integration at Klue enabled the Icarus threat group to access and exfiltrate sensitive CRM data from multiple Salesforce customer environments, highlighting the critical risks of third-party supply chain attacks and the importance of vigilant detection and response.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle