答案已發布4 天前Last edited 4 天前36 來源

Klue 供應鏈攻擊 2026 年 6 月：一個被遺忘嘅憑證點樣洩漏咗幾十間企業嘅 Salesforce 數據

Q: 首先要驗證的關鍵點是什麼？

2026 年 6 月 11 日，攻擊者利用 Klue 一個被遺忘嘅原型整合憑證，潛入其後端系統。 攻擊者推送惡意程式碼，偷取客戶嘅 OAuth 令牌，包括 Salesforce 等第三方整合。

2026 年 6 月 11 日，攻擊者利用 Klue 一個被遺忘嘅原型整合憑證，潛入其後端系統。攻擊者推送惡意程式碼，偷取客戶嘅 OAuth 令牌，包括 Salesforce 等第三方整合。用偷回嚟嘅令牌冒充 Klue 應用程式，經 Salesforce REST API 大量提取 CRM 數據。

使用 Studio Global AI 搜尋並查核事實瀏覽更多熱門頁面

98K0

Search & fact-check with cited sources for What happened in the June 2026 supply chain attack on Klue, including how attackers used a stolenIllustration of the Klue supply chain attack chain: a forgotten credential, a compromised integration, and exfiltrated Salesforce CRM data.

AI 提示

Create a landscape editorial hero image for this Studio Global article: Search & fact-check with cited sources for What happened in the June 2026 supply chain attack on Klue, including how attackers used a stolen. Article summary: Here is a comprehensive, source-cited account of the June 2026 Klue supply chain attack.. Topic tags: general, general web, user generated. Style: premium digital editorial illustration, source-backed research mood, clean composition, high detail, modern web publication hero. Use reference image context only for broad subject, composition, and topical grounding; do not copy the exact image. Avoid: logos, brand marks, copyrighted characters, real person likenesses, fake screenshots, UI text, readable text, watermarks, charts with fake numbers, clickbait thumbnails, icons, and tiny thumbnail layouts. Make it useful as an illustrative visual, not as factual eviden

openai.com

2026 年 6 月 11 日，一班攻擊者成功入侵咗 Klue——一間總部喺溫哥華嘅市場情報平台，呢個平台係俾幾百間企業用嚟將競爭對手嘅「戰術卡」同步落 Salesforce CRM 系統嘅。佢哋嘅入侵方法唔係乜嘢高超嘅零日漏洞，而係一個被遺忘咗嘅舊憑證。呢個憑證係 Klue 為咗一個整合原型而建立，但之後從來冇正式用過，亦都冇刪除。呢個過期咗嘅 OAuth 憑證竟然仲用得，令攻擊者可以成功通過驗證，進入 Klue 嘅整合基礎設施。

Studio Global AI

Search, cite, and publish your own answer

Use this topic as a starting point for a fresh source-backed answer, then compare citations before you share it.

使用 Studio Global AI 搜尋並查核事實

人們還問