Tag: group

ShinyHunters Expands Scope of SaaS Extortion Attacks

Feb 2, 2026 6:13 PM

Tags: attack, cybercrime, extortion, group, saas

Following its attacks on Salesforce instances last year, members of the cybercrime group have broadened their targeting and gotten more aggressive with extortion tactics. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/shinyhunters-expands-scope-saas-extortion-attacks
NSFOCUS Monthly APT Insights December 2025

Feb 2, 2026 4:13 PM

Tags: apt, attack, cyber, group, network, threat

Regional APT Threat Situation In December 2025, the global threat hunting system of Fuying Lab detected a total of 24 APT attack activities. These activities were primarily concentrated in regions including South Asia, East Asia, with a smaller portion also found in Eastern Europe and South America. Some organizations remain unattributed to known APT groups,…The…
Spyware maker is hijacking diplomatic efforts to limit commercial hacking, civil society warns

Feb 2, 2026 3:14 PM

Tags: government, group, hacking, spyware

Spyware maker NSO Group trumpeted the company’s participation in the Pall Mall Process, which drew criticism from civil society leaders and government officials who called out human rights abuses. First seen on therecord.media Jump to article: therecord.media/spyware-maker-pall-mall-process-reputation
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks

Feb 2, 2026 2:13 PM

Tags: attack, cyber, exploit, flaw, group, hacking, microsoft, office, russia, ukraine, vulnerability

Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fancy-bear-exploits-office-flaw/
Notepad++ Users Targeted After State-Backed Attackers Hijack Update Servers

Feb 2, 2026 11:13 AM

Tags: attack, china, cyber, group, infrastructure, supply-chain, threat, update

Notepad++ fell victim to a sophisticated supply chain attack orchestrated by state-sponsored threat actors who compromised its update infrastructure over a six-month campaign. Security experts have attributed the attack to a Chinese state-backed group based on the highly selective targeting and technical sophistication demonstrated throughout the incident. Attack Timeline and Scope The compromise began in…
Groups Warn $32B Google-Wiz Deal Threatens Cloud Competition

Jan 31, 2026 9:15 PM

Tags: cloud, google, group

Civil Society Orgs Concerned Deal Could Tilt Cloud Security Space in Google’s Favor. A coalition of European civil society organizations is urging regulators to launch a detailed antitrust investigation into Google’s proposed $32 billion purchase of Wiz. They argue the acquisition would strengthen Google’s dominance in cloud security and undermine multi-cloud neutrality. First seen on…
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Jan 31, 2026 9:15 PM

Tags: access, attack, breach, credentials, extortion, google, group, hacking, mandiant, mfa, phishing, saas, threat, unauthorized

Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters.The attacks leverage advanced voice phishing (aka vishing) and bogus credential harvesting sites mimicking targeted companies to gain unauthorized access to victim First seen on thehackernews.com Jump…
State CIO Group Seeks Federal Support for AI, Cybersecurity

Jan 31, 2026 9:15 PM

Tags: ai, cio, cyber, cybersecurity, group

NASCIO Agenda Focuses on AI Policy, Cyber Investment and Critical Infrastructure. State CIOs have lots on their plates, juggling multiple priorities from AI to cybersecurity. But the state IT programs don’t have to go it alone. The National Association of State CIOs’ 2026 agenda focuses on federal legislation – and federal funds – that could…
Russian hackers breached Polish power grid thanks to bad security, report says

Jan 30, 2026 6:21 PM

Tags: government, group, hacker, hacking, russia

The Polish government accused a Russian government hacking group of hacking into energy facilities taking advantage of default usernames and passwords. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/30/russian-hackers-breached-polish-power-grid-thanks-to-bad-security-report-says/
Labyrinth Chollima Evolves into Three North Korean Hacking Groups

Jan 30, 2026 5:22 PM

Tags: crowdstrike, group, hacker, hacking, north-korea, threat

CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/labyrinth-chollima-dprk-three/
Dating-app giants investigate incidents after cybercriminals claim to steal data

Jan 30, 2026 3:28 PM

Tags: breach, cybercrime, data, group, network

Bumble and Match said they each recently responded to network intrusions. The group ShinyHunters claimed to have stolen data from both. First seen on therecord.media Jump to article: therecord.media/bumble-match-dating-apps-data-breaches
Security work keeps expanding, even with AI in the mix

Jan 30, 2026 7:21 AM

Tags: ai, group

Board attention continues to rise, and security groups now operate closer to executive decision making than in prior years, a pattern reflected the Voice of Security 2026 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/30/central-role-ai-security-workflows/
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
Chinese APTs Hacking Asian Orgs With High-End Malware

Jan 30, 2026 5:21 AM

Tags: apt, china, cyber, group, hacking, malware, threat

Advanced persistent threat (APT) groups have deployed new cyber weapons against a variety of targets, highlighting the increasing threats to the region. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-apts-asian-orgs-high-end-malware
Google disrupts IPIDEA residential proxy networks fueled by malware

Jan 29, 2026 9:28 PM

Tags: google, group, intelligence, malware, network, threat

IPIDEA, one of the largest residential proxy networks used by threat actors, was disrupted earlier this week by Google Threat Intelligence Group (GTIG) in collaboration with industry partners. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-disrupts-ipidea-residential-proxy-networks-fueled-by-malware/
Match Group breach exposes data from Hinge, Tinder, OkCupid, and Match

Jan 29, 2026 8:22 PM

Tags: breach, cybersecurity, data, group, service

Match Group, the owner of multiple popular online dating services, Tinder, Match.com, Meetic, OkCupid, and Hinge, confirmed a cybersecurity incident that compromised user data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/match-group-breach-exposes-data-from-hinge-tinder-okcupid-and-match/
Google disrupts proxy network used by 550+ threat groups

Jan 29, 2026 6:25 PM

Tags: cyberattack, google, group, network, threat

Google has disrupted Ipidea, a massive residential proxy network consisting of user devices that are being used as the last-mile link in cyberattack chains. >>In a single … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/ipidea-proxy-network-disrupted/
ShinyHunters swipes right on 10M records in alleged dating app data grab

Jan 29, 2026 4:26 PM

Tags: data, extortion, group

Extortion crew says it’s found love in someone else’s info as Match Group plays down the impact First seen on theregister.com Jump to article: www.theregister.com/2026/01/29/shinyhunters_match_group/
Notorious Russia-based RAMP cybercrime forum apparently seized by FBI

Jan 29, 2026 3:24 PM

Tags: china, cybercrime, group, ransomware, russia

RAMP was used by Russian, Chinese and English-speaking cybercriminals and particularly catered to ransomware groups and their affiliates. First seen on therecord.media Jump to article: therecord.media/notorious-russia-based-ramp-forum-seized
Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups

Jan 29, 2026 2:25 PM

Tags: data, extortion, group, leak, ransomware

Ransomware victims surged in Q4 2025 despite fewer active extortion groups, with data leaks rising 50%, ReliaQuest researchers report First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-numbers-rise-despite/
Long-running North Korea threat group splits into 3 distinct operations

Jan 29, 2026 1:23 PM

Tags: crypto, espionage, group, korea, lazarus, north-korea, theft, threat

The trio, which share lineage with the more broadly defined Lazarus Group, are focused on espionage and cryptocurrency theft, according to CrowdStrike. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-labyrinth-chollima-splits-crowdstrike/
Nation-state and criminal actors leverage WinRAR flaw in attacks

Jan 29, 2026 1:23 PM

Tags: access, apt, attack, cve, exploit, flaw, google, group, intelligence, malicious, threat

Multiple threat actors exploited a now-patched critical WinRAR flaw to gain initial access and deliver various malicious payloads. Google Threat Intelligence Group (GTIG) revealed that multiple threat actors, including APTs and financially motivated groups, are exploiting the CVE-2025-8088 flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. The WinRAR…
Bumble, Panera Bread, Match Group, and CrunchBase Hit by New Wave of Cyberattacks

Jan 29, 2026 11:24 AM

Tags: cyberattack, group, phishing

A new wave of cyberattacks has recently struck several prominent U.S. companies, including Bumble Inc., Panera Bread Co., Match Group Inc., and CrunchBase. Bumble Inc., the parent company of dating apps Bumble, Badoo, and BFF, reported that one of its contractor accounts was compromised in a phishing incident. First seen on thecyberexpress.com Jump to article:…
What motivates hackers and what makes them walk away

Jan 29, 2026 6:21 AM

Tags: group, hacker

Most hackers spend more time learning, testing, and comparing notes than breaking into systems. The work often happens alone or in small groups, shaped by curiosity, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/bugcrowd-hacker-community-research/
What motivates hackers and what makes them walk away

Jan 29, 2026 6:21 AM

Tags: group, hacker

Most hackers spend more time learning, testing, and comparing notes than breaking into systems. The work often happens alone or in small groups, shaped by curiosity, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/bugcrowd-hacker-community-research/
Crooks are hijacking and reselling AI infrastructure: Report

Jan 29, 2026 5:21 AM

Tags: access, ai, api, attack, authentication, business, cloud, communications, control, credentials, cybersecurity, data, data-breach, endpoint, exploit, firewall, group, infosec, infrastructure, intelligence, Internet, LLM, malicious, marketplace, risk, service, skills, technology, theft, threat, training, vulnerability

exposed endpoints on default ports of common LLM inference services;unauthenticated API access without proper access controls;development/staging environments with public IP addresses;MCP servers connecting LLMs to file systems, databases and internal APIs.Common misconfigurations leveraged by these threat actors include:Ollama running on port 11434 without authentication;OpenAI-compatible APIs on port 8000 exposed to the internet;MCP servers accessible without…
Hackers Still Using Patched WinRAR Flaw for Malware Drops, Warns Google

Jan 28, 2026 5:21 PM

Tags: exploit, flaw, google, group, hacker, intelligence, malware, threat

The Google Threat Intelligence Group (GTIG) warns that nation-state actors and financially motivated threat actors are exploiting a… First seen on hackread.com Jump to article: hackread.com/hackers-patch-winrar-flaw-malware-google/
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Jan 28, 2026 12:21 PM

Tags: access, china, cve, exploit, flaw, google, government, group, russia, threat, vulnerability

Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads.”Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated First…
Skills CISOs need to master in 2026

Jan 28, 2026 9:21 AM

Tags: access, ai, business, ciso, cloud, compliance, credentials, cyber, cybersecurity, data, endpoint, finance, firewall, group, Hardware, identity, infrastructure, intelligence, jobs, resilience, risk, risk-management, skills, strategy, threat, tool, training

Top technical skills: In addition to strong knowledge of AI systems, today’s CISOs need a solid foundation in the technologies that define modern enterprise environments. The (ISC)² CISSP is still widely regarded as the gold standard for broad expertise in security architecture, risk management, and governance. “Regulators will expect this, and it still appears in…