Threat Research

    Vishing Campaigns Lead to Data Theft and Extortion

    Since late December 2025, the team has handled multiple incidents involving voice-based phishing (vishing) leading to data theft and extortion. These attacks have targeted organizations across Financial Services, Manufacturing, Professional & Legal Services, and Wholesale & Retail sectors....
    3/17/2026  0
    Read More »

    Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft

    The team observed increased threat activity matching tactics linked to previous ShinyHunters extortion campaigns. These operations rely heavily on advanced voice phishing (vishing) techniques. Attackers use victim-branded credential harvesting sites to capture SSO credentials and MFA codes. With initial access gained, they pivot into corporate cloud environments....
    2/2/2026  0
    Read More »

    Suspected ShinySP1der Ransomware Samples

    We uncovered multiple malicious files during an investigation into the ShinySp1d3r ransomware, linked to the ShinyHunters group. The ransomware name appears as “ShinySp1d3r” or “Sh1nySp1d3r,” and we track the group as Bling Libra. Several samples contain an embedded URL, likely a placeholder for a future Tor-based leak site....
    11/25/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.