forecasts
[FORECAST] ShinyHunters SaaS Data Theft: Why Non-Ransom Monetization Looks Increasingly Attractive
Our new forecast asks: will ShinyHunters make more in 2H 2026 by selling SaaS access/data than by getting paid? Signals say yes. 🕵️♂️💸☁️
void-proxy
VoidProxy is reshaping the phishing landscape, enabling adversaries to bypass MFA and hijack enterprise cloud sessions with minimal technical skill. Its rapid adoption, use of trusted email providers, and evasive infrastructure demand urgent, layered defenses—especially for organizations...
phishing
Healthcare organizations with SIEM deployments and immature SOCs face escalating risks from AI-driven vishing attacks leveraging voice deepfakes. This analysis outlines a pragmatic, phased approach for integrating AI-based voice deepfake detection and audio watermarking..
dprk
North Korean threat actors Slow Pisces, Alluring Pisces, and Contagious Interview—operating under the Reconnaissance General Bureau—have escalated global cyber operations since 2023, focusing on cryptocurrency theft and espionage. Their campaigns employ advanced social engineering..
phishing
CryptoChameleon is an advanced phishing kit distributed via phishing-as-a-service platforms, enabling rapid, scalable attacks against cryptocurrency users, financial institutions, and related sectors...
phishing
The Smishing Triad, a cybercriminal group, is leveraging advanced smishing techniques to deceive victims by impersonating legitimate organizations. They exploit platforms like iMessage using compromised Apple iCloud accounts to send spam messages that bypass traditional filters..
m-trends
I take a SPECULATIVE deep dive into what I think might be in the 2025 Mandiant M-TRENDS report.
The revised analysis of Thai money laundering operations on Facebook reveals sophisticated tactics, including fraudulent schemes and the use of corporate mule accounts. These operations have a substantial financial impact, with millions of baht laundered daily.
encrypthub
EncryptHub, also known as Larva-208, is a sophisticated cybercriminal group that has recently breached 618 organizations worldwide. Their primary method of attack is spear-phishing, utilizing social engineering to deploy infostealers and ransomware.
ato
Account Takeover (ATO) attacks pose significant threats across various sectors, leading to financial loss, data breaches, and reputational damage.
deepfake
The rise of deepfake technology has necessitated the development of advanced detection tools to combat phishing attacks. Tools like Reality Defender are being utilized to train employees through deepfake phishing drills, enhancing their ability to recognize manipulated content.