Dark Reading

ShinyHunters Expands Scope of SaaS Extortion Attacks

Following their Salesforce attacks last year, the cybercrime group has broadened its targeting and gotten more aggressive with extortion tactics.

Google's security team look at how ShinyHunters has rolled out SSO scams

Mandiant analyzed ShinyHunters' MO, detailing how it steals login and MFA codes.

Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...
Cybernews

Reports link ShinyHunters to SSO vishing attacks, but key details reserved for Okta paying customers

There are reports that threat actor ShinyHunters is behind an active voice phishing campaign, aimed at stealing single ...

ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs

'A lot more' victims to come, we're told ShinyHunters has claimed responsibility for an Okta voice-phishing campaign during ...
DataBreachToday

Voice Phishing Okta Customers: ShinyHunters Claims Credit

A surge in attacks that bypass some types of multifactor authentication has been tied to a new generation of voice-phishing ...

Canva among ~100 targets of ShinyHunters Okta identity-theft campaign

Atlassian, RingCentral, ZoomInfo also among tech targets ShinyHunters has targeted around 100 organizations in its latest ...