Dark Reading

ShinyHunters Expands Scope of SaaS Extortion Attacks

ShinyHunters has expanded its extortion attacks to various software-as-a-service (SaaS) environments, with multiple threat clusters using voice phishing (vishing) and credential harvesting to ...
Bleeping Computer

Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...