Three separate intelligence items this week document the same structural attack against Salesforce: the Icarus threat actor systematically compromising third-party Salesforce OAuth integrations (confirmed: Klue Battlecards) and using stolen tokens to extract CRM data from Salesforce customers without ever attacking Salesforce directly. No CVE applies — the attack targets OAuth architectural weaknesses, not Salesforce software. Any enterprise running third-party Salesforce integrations faces equivalent structural risk.