Threats Tagged 'third-party integration'
View all threats tagged with 'third-party integration'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'third-party integration'
Click on any threat for detailed analysis and mitigation recommendations
Klue Integration Abused in Salesforce Data Theft | Threat Spotlight 0 In June 2026, attackers exploited a compromised Klue competitive-intelligence platform integration to exfiltrate customer relationship management data from enterprise Salesforce environments. The attackers used compromised Klue service accounts to generate OAuth tokens and automated Python scripts to perform bulk data extraction via Salesforce REST API over about 24 hours. The activity involved intense bursts of nearly a thousand queries within 15 minutes and sustained extraction periods exceeding 6 hours. This incident is part of a pattern of third-party OAuth abuse campaigns targeting Salesforce integrations, similar to previous attacks involving Salesloft Drift and Gainsight. Attribution is uncertain, with tactics resembling those of ShinyHunters and UNC6395 threat groups. The initial access vector, full extent of data exfiltration, and attacker intent remain under investigation, with no extortion demands reported so far. Join the discussion | AlienVault OTX General | 06/18/2026, 03:14:22 UTC Added: 06/18/2026, 20:20:24 UTC |
Showing 1 to 1 of 1 result