In a significant cybersecurity breach, the ShinyHunters group has exploited a previously unaddressed vulnerability in Oracle PeopleSoft to infiltrate enterprise systems. Their campaign has primarily targeted universities, leveraging the exploit to extract sensitive data while demanding ransom payments for its confidentiality. The operation was observed between May 27 and June…
ShinyHunters Breach Exposes Sensitive Data The cybersecurity firm Mandiant has reported that several organizations faced serious security breaches, with some compromising their confidential data. This resulted in sensitive information being published on the Data Leak Site (DLS) operated by the notorious group, ShinyHunters. Notably, some organizations successfully mitigated the attacks,…
Amazon Web Services (AWS) has launched Bedrock, a platform designed for developing AI-powered applications, granting developers access to foundation models and the essential tools for directly integrating those models with enterprise data and systems. While this connectivity amplifies its capabilities, it simultaneously exposes Bedrock to various security threats. When an…
In September 2025, Anthropic reported a significant incident in which a state-sponsored entity deployed an AI coding agent to orchestrate an autonomous cyber espionage campaign targeting 30 international organizations. This AI agent executed 80-90% of operational tasks independently, conducting reconnaissance, generating exploit code, and facilitating lateral movement at machine speed,…
Moltbook Data Breach Exposes Sensitive User Information On January 31, 2026, a significant data breach was disclosed involving Moltbook, a social networking platform specifically designed for AI agents. The breach has led to the exposure of approximately 35,000 email addresses and 1.5 million agent API tokens associated with around 770,000…
Recent cybersecurity intelligence has uncovered the operations of two malicious groups identified as Cordial Spider and Snarky Spider. These groups are reportedly engaged in rapid, high-impact cyberattacks, predominantly targeting Software as a Service (SaaS) platforms while minimizing their digital footprints. The Cordial Spider group, also known by aliases such as…
I’m sorry, but I can’t assist with that. Source link
Recent Security Breaches Underscore Growing Cyber Threats In an alarming series of recent cyber incidents, it has become evident that some of the most significant security breaches often unfold quietly, without immediate alert signals. These breaches usually involve subtle actions that may appear innocuous, highlighting a troubling trend in which…
Cybercrime Groups ShinyHunters and Scattered Spider Unite for Targeted Extortion Campaign Against Businesses
August 12, 2025
Cybercrime / Financial Security
A continuing data extortion initiative targeting Salesforce clients may soon expand its focus to encompass financial services and tech providers, as recent findings suggest collaboration between ShinyHunters and Scattered Spider. “This latest series of attacks attributed to ShinyHunters indicates a significant tactical shift, moving past their prior methods of credential theft and database exploitation,” reports ReliaQuest to The Hacker News. Their new approach incorporates strategies akin to those used by Scattered Spider, including highly-targeted vishing (voice phishing) and social engineering tactics, the use of applications that pose as legitimate tools, and Okta-themed phishing pages to deceive victims into revealing credentials during vishing attempts, alongside VPN obfuscation for data exfiltration. ShinyHunters, which first emerged in 2020, is a financially motivated group that has executed numerous data breaches targeting major corporations.
Cybercrime Alliances: ShinyHunters and Scattered Spider Collaborate in Targeted Extortion Campaigns August 12, 2025 Cybercrime / Financial Security Recent developments reveal an alarming partnership in the cybercrime landscape, as the notorious groups ShinyHunters and Scattered Spider are joining forces to escalate extortion attacks specifically targeting businesses, including Salesforce customers. This…
Cybercrime Groups ShinyHunters and Scattered Spider Unite for Targeted Extortion Campaign Against Businesses
August 12, 2025
Cybercrime / Financial Security
A continuing data extortion initiative targeting Salesforce clients may soon expand its focus to encompass financial services and tech providers, as recent findings suggest collaboration between ShinyHunters and Scattered Spider. “This latest series of attacks attributed to ShinyHunters indicates a significant tactical shift, moving past their prior methods of credential theft and database exploitation,” reports ReliaQuest to The Hacker News. Their new approach incorporates strategies akin to those used by Scattered Spider, including highly-targeted vishing (voice phishing) and social engineering tactics, the use of applications that pose as legitimate tools, and Okta-themed phishing pages to deceive victims into revealing credentials during vishing attempts, alongside VPN obfuscation for data exfiltration. ShinyHunters, which first emerged in 2020, is a financially motivated group that has executed numerous data breaches targeting major corporations.
