Icarus Threat Group Claims Salesforce Data Theft in Klue Supply Chain Breach

Executive Summary  On 19 June 2026, the threat group Icarus claimed to have compromised and exfiltrated data from customers of Klue, specifically the Salesforce integration of the market intelligence platform. Salesforce has since disabled Klue integrations. Compromised Data Scope  The impacted data may consist of business names, products trialed/used, subscription details (units, pricing), business contact info (full names, work emails, job title,…

Read More

144 Mastra npm Packages Compromised Through Maintainer Phishing Attack

Executive Summary A report published by The Hacker News on 17 June 2026 detailed a software supply chain attack impacting 144 npm packages associated with the Mastra ecosystem after threat actors compromised a maintainer account through a phishing attack. The attackers leveraged the compromised account to publish malicious package versions to the npm registry. According to the…

Read More

NFCShare Android NFC Fraud Campaign Impersonating Deutsche Bank

Executive Summary In June 2026, D3 lab researchers reported on a new banking trojan. NFCShare is an Android banking trojan initially distributed as a malicious Android Package file (APK) through a phishing flow impersonating Deutsche Bank. The malware presents a fake card-verification interface, prompts the victim to place a payment card near the phone, collects the card…

Read More

Oracle PeopleSoft Data Theft Claimed by ShinyHunters

Executive Summary On 10 June 2026, BleepingComputer reported that Oracle PeopleSoft servers are allegedly being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations. PeopleSoft is an enterprise business software suite used by large organizations to manage HR, payroll, finance, supply chain, procurement, and student…

Read More

ServiceNow Unauthorized Access Vulnerability Enabled Unauthorized Customer Data Access

Executive Summary On 9 June 2026, ServiceNow disclosed an incident in which unknown threat actors exploited a flaw to gain deeper unauthorized access to susceptible customer instances. On 5 June 2026, ServiceNow applied a security update to hosted customer instances to address an issue that could allow an unauthenticated user, under certain circumstances, to gain greater access to ServiceNow instances…

Read More