// Alert

Slack threat report

Slack OAuth tokens were harvested during a Klue platform breach on June 11, 2026. Attackers who compromised Klue's backend injected malicious code that stole OAuth credentials from customers using Klue to integrate with Slack, Salesforce, and other enterprise tools. The extortion-focused threat group Icarus is attributed to the attack. Affected Slack organizations should revoke compromised OAuth tokens and review integration access logs.

// Get alerts for Slack