Mandiant analyzed ShinyHunters' MO, detailing how it steals login and MFA codes.

Scattered LAPSUS$ Hunters are targeting major firms with sophisticated voice phishing attacks.

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

We continue to alert our readers to the uptick and successful use of vishing attacks against companies. Threat actors continue to be creative ...

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...

The cybersecurity company pointed out that the fresh campaign resembles December 2025 attacks targeting CVE-2025-59718 and CVE-2025-59719, two critical-severity defects impacting the FortiCloud SSO ...

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single ...

Kim Komando reveals how clicking Sign in with Google or Sign in with Facebook lets tech giants track every site you visit and ...

Arctic Wolf reports automated attacks on FortiGate devices abusing FortiCloud SSO flaws to change firewall settings and steal configurations.

Managing digital identities for both human and non-human users is a central challenge for modern organizations. As companies adopt more SaaS platforms, microservices, and multi-cloud environments, ...

Security experts warn that "an active and ongoing campaign" being waged by ShinyHunters extortionists has at least 150 ...

Federation. Learn how to implement secure federated identity, manage STS, and bridge legacy apps with modern CIAM.