Analyze and Consolidate Apex Triggers via Agentforce Vibes

LastPass confirms data breach in Klue supply chain attack

LastPass xác nhận dữ liệu khách hàng trong môi trường Salesforce bị truy cập sau cuộc tấn công chuỗi cung ứng nhằm vào Klue hôm 12/6. Nhóm tống tiền Icarus đã xâm nhập hạ tầng Klue bằng thông tin đăng nhập cũ, đánh cắp token OAuth kết nối Klue với Salesforce của khách hàng. Dữ liệu bị lộ bao gồm tên, số điện thoại, email, địa chỉ, thông tin hỗ trợ và dữ liệu CRM. LastPass cho biết sản phẩm cốt lõi, dịch vụ và kho dữ liệu khách hàng không bị ảnh hưởng.

Lập trình viên nên đọc bài này để hiểu rõ về cách tấn công supply chain attack hoạt động như thế nào, từ đó nâng cao kiến thức bảo mật cho các ứng dụng và hệ thống của mình, đặc biệt là khi sử dụng các dịch vụ cloud như Salesforce.

Cybercrime Breaches Klue: Salesforce Data Impacted for Many Victims, including Huntress

Huntress discloses it was among multiple victims of a supply chain attack targeting Klue, a market intelligence platform. The threat actor, dubbed Icarus, compromised Klue's backend systems on June 11, 2026, injecting code to steal OAuth tokens used by Klue's customers to connect their CRM tools. This allowed the attacker to directly query and exfiltrate Salesforce data from Huntress and other companies including Recorded Future, Tanium, and Jamf. The stolen Huntress data includes business contact info, pricing, subscription details, and sales communications — no product telemetry, passwords, or payment data was affected. Huntress shares IOCs (IP addresses, User-Agent strings), threat actor attribution details linking to the Icarus extortion group, and five recommended investigation steps for other potentially impacted organizations. The post is being updated in real time as the situation evolves, with a secondary unauthorized party also claiming access to breach data as of June 24.

A 15-Second Health Check for Your Heroku Connect Data Pipeline

The heroku connect:diagnose CLI command provides an instant health check for Heroku Connect data pipelines syncing Salesforce with Heroku Postgres. Running it with --verbose outputs color-coded status flags (GREEN/YELLOW/RED) across two categories: connection environment checks (API version, permissions, database tier) and mapping/field validation checks (field types, schema alignment). Common warnings include outdated Salesforce API versions requiring connection recreation, unsupported binary or calculated fields that conflict with sync mechanics, and schema drift between Salesforce objects and the Postgres database. The tool replaces manual dashboard investigation and is recommended as a proactive check before database migrations or Salesforce schema changes.

LastPass says hackers stole customer data through a supply chain breach at Klue

LastPass is notifying customers that personal data — including names, emails, phone numbers, and support case contents — was stolen via a supply chain breach at Klue, a competitive intelligence vendor. Hackers obtained OAuth tokens Klue held on behalf of enterprise clients, using them to access LastPass's Salesforce environment. The breach did not compromise LastPass's own infrastructure or encrypted password vaults. A hacking and extortion group called Icarus claimed responsibility and is threatening to release the data unless ransoms are paid. Other affected companies include HackerOne, Recorded Future, Snyk, and Huntress. The incident underscores a structural risk: when a single vendor holds OAuth tokens for dozens of enterprise customers, compromising that vendor grants simultaneous access to all of them. LastPass has revoked the tokens and is advising customers to watch for phishing attempts leveraging the stolen data.