Live Cybersecurity News Ticker | Codekeeper

Cybersecurity Firms Hit by Klue Supply Chain Attack Tied to Extortion Group Icarus

Written by Content Team | Jul 4, 2026 8:51:05 PM

A supply chain attack on market intelligence platform Klue has hit cybersecurity firms Huntress and Recorded Future, among others. Starting June 11, hackers accessed Klue's backend servers and harvested OAuth tokens, then abused the Salesforce REST API to pull large volumes of CRM data — including nearly 1,000 queries in just 15 minutes.

Stolen data from both firms includes business contacts, price quotes, and contract information. No threat intelligence, passwords, or payment data was compromised. Huntress has linked the attack to Icarus, an extortion group that emerged in April 2026, after receiving direct extortion messages from a threat actor identifying as "mr bean."

Source: SecurityWeek