Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...
The Hacker News

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Mandiant reports ShinyHunters-linked vishing attacks abusing MFA and SSO to breach SaaS apps, steal data, and extort ...

Panera Bread breach: ShinyHunters claims hack of 14 million customers' data

Should we trust companies with our private data? It's a question some shoppers are asking following high-profile customer ...

NordVPN blocks 92% malicious sites in independent phishing test

NordVPN's Threat Protection Pro has once again earned top marks in a phishing test conducted by AV-Comparatives, after ...

Data breaches climbed to a record high in 2025. How to protect your personal information

As reports of new identity compromises climbed in 2025, experts say taking certain steps can help protect your personal ...

This Phishing Scam Comes From a Real Microsoft Email Address

Ars Technica has identified a scheme that sends phishing emails from [email protected], a real address that the ...

New York warning residents about 2026 sporting event scams

With the FIFA World Cup, Winter Olympics, and Superbowl LX on the horizon, avoid fake tickets and phishing scams with these ...
CNET

Deleting Data Just Got Easier for Californians, but It’s Just One Piece of the Larger Cybersecurity Puzzle

The newly launched DROP portal could be a game-changer for Californians’ privacy, even though it’s not a replacement for a ...
Dark Reading

'Stanley' Toolkit Turns Chrome Into Undetectable Phishing Vector

The malware-as-a-service kit enables malicious overlays on real websites without changing the visible URL, issuing a new ...
CSO Online

AI-powered polymorphic attack lures victims to phishing webpages

A new breed of malware uses various dynamic techniques to avoid detection and create customized phishing webpages.

Ten Brands Scammers Are Most Likely to Impersonate

A recent report on scams found that Microsoft was imitated in nearly a quarter of all branded phishing attempts in Q4 of last ...

1Password Adds Pop-Ups To Flag Phishing Sites

Password manager 1Password has introduced a new built-in phishing protection feature designed to stop users from accidentally ...