Bleeping Computer

Mandiant details how ShinyHunters abuse SSO to steal cloud data

For threat actors focused on data theft and extortion, the SSO dashboard becomes a springboard to a company's cloud data, allowing them to access multiple services from a single compromised account.
Dark Reading

ShinyHunters Expands Scope of SaaS Extortion Attacks

ShinyHunters has expanded its extortion attacks to various software-as-a-service (SaaS) environments, with multiple threat clusters using voice phishing (vishing) and credential harvesting to ...