<img height="1" width="1" style="display: none" alt="" src="https://px.ads.linkedin.com/collect/?pid=1098858&amp;fmt=gif">

Cybersecurity Firms Hit by Klue Supply Chain Attack Tied to Extortion Group Icarus

Hackers hit Klue, impacting Huntress and Recorded Future, stealing CRM data but no sensitive intel. Linked to Icarus extortion group.
Content Team

A supply chain attack on market intelligence platform Klue has hit cybersecurity firms Huntress and Recorded Future, among others. Starting June 11, hackers accessed Klue's backend servers and harvested OAuth tokens, then abused the Salesforce REST API to pull large volumes of CRM data — including nearly 1,000 queries in just 15 minutes.

Stolen data from both firms includes business contacts, price quotes, and contract information. No threat intelligence, passwords, or payment data was compromised. Huntress has linked the attack to Icarus, an extortion group that emerged in April 2026, after receiving direct extortion messages from a threat actor identifying as "mr bean."

Source: SecurityWeek

Share this article
Share on facebook Share on linkedin Share on twitter Share on email
blog_book_a_demo_cta_3x
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo