logo

AI may be good at finding security vulnerabilities, but it can't beat human stupidity

ID: 3857e872-f472-5682-bee6-a00a913949f6

STIX ID: report--3857e872-f472-5682-bee6-a00a913949f6

Feed Name: The Register (Security)

Threat Score
65/100

Date Published: 2026-06-29

Date Updated: 2026-07-02

...
...

The transcript reviews a widespread Klue-Salesforce compromise where attackers used a compromised legacy credential to obtain OAuth tokens and exfiltrate CRM data from hundreds of customers (including Huntress and LastPass), with a new extortion group named Icarus claiming responsibility and leaking/ransoming data; it also touches on insider-allegation fallout at Huntress and a separate long-standing Squid proxy vulnerability ('Squidbleed') that exposes credentials when legacy FTP/HTTP features are enabled.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.