🟠 High | Source: The Hacker News
Salesforce has disabled the Klue Battlecards app integration after a security incident on 11 June 2026 in which OAuth tokens were abused to expose customer data. The breach originated at Klue, a competitive intelligence platform, but impacted organisations using its Salesforce integration. Affected customers cannot reconnect the integration until Salesforce deems it safe to reinstate.
Security Architect’s Take: Audit all third-party OAuth app integrations in your Salesforce org immediately — revoke tokens for any apps you do not actively use or cannot verify, and review Salesforce’s connected app logs for anomalous access patterns. This incident is a reminder to enforce least-privilege OAuth scopes and implement periodic token rotation policies for ISV integrations.
Original advisory: Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data