#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Maximizing Efficiency and Security in Government Cloud Environments

ShinyHunters | Breaking Cybersecurity News | The Hacker News

Category — ShinyHunters
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

Jun 04, 2025 Threat Intelligence / Data Breach
Google has disclosed details of a financially motivated threat cluster that it said "specializes" in voice phishing (aka vishing ) campaigns designed to breach organizations' Salesforce instances for large-scale data theft and subsequent extortion. The tech giant's threat intelligence team is tracking the activity under the moniker UNC6040 , which it said exhibits characteristics that align with threat groups with ties to an online cybercrime collective known as The Com . "Over the past several months, UNC6040 has demonstrated repeated success in breaching networks by having its operators impersonate IT support personnel in convincing telephone-based social engineering engagements," the company said in a report shared with The Hacker News. This approach, Google's Threat Intelligence Group (GTIG) added, has had the benefit of tricking English-speaking employees into performing actions that give the threat actors access or lead to the sharing of valua...
BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder?

BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder?

May 29, 2024 Cyber Crime / Data Breach
The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure. Cybersecurity researchers and dark web trackers Brett Callow , Dark Web Informer , and FalconFeeds revealed the site's online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters, who has since offered for sale a 1.3 TB database containing details of allegedly 560 million Ticketmaster customers for $500,000. This includes full names, addresses, email addresses, phone numbers, ticket sales and event information, and the last four digits of credit cards and their associated expiration dates. However, in an interesting twist, visitors of the site are now being asked to sign up for an account in order to view the content. The development follows a joint law enforcement action that seized all the new domains belonging to BreachForums (breachforums[.]st/.cx/.is/....
BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time

BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time

Jan 23, 2024 Cyber Crime / Dark Web
Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went by the online alias "pompompurin," was arrested in March 2023 in New York and was subsequently charged with conspiracy to commit access device fraud and possession of child pornography. He was later released on a $300,000 bond, and in July 2023, he pleaded guilty to the charges. BreachForums was a major cyber crime marketplace that facilitated the trafficking of stolen data since March 2022. Prior to its shutdown exactly a year later, the website boasted of over 340,000 members. Among the stolen items commonly sold on the platform were bank account information, Social Security numbers, personally identifying information (PII), hacking tools, breached databases, and account login information for compromised online accounts with service providers and merchants. BreachForums also advertised servic...
cyber security

Navigating the Maze: How to Choose the Best Threat Detection Solution

websiteSygniaThreat Detection / Cybersecurity
Discover how to continuously protect your critical assets with the right MDR strategy. Download the Guide.
AI Agents and the Non‑Human Identity Crisis: How to Deploy AI More Securely at Scale

AI Agents and the Non‑Human Identity Crisis: How to Deploy AI More Securely at Scale

May 27, 2025Artificial Intelligence / Cloud Identity
Artificial intelligence is driving a massive shift in enterprise productivity, from GitHub Copilot's code completions to chatbots that mine internal knowledge bases for instant answers. Each new agent must authenticate to other services, quietly swelling the population of non‑human identities (NHIs) across corporate clouds. That population is already overwhelming the enterprise: many companies now juggle at least 45 machine identities for every human user . Service accounts, CI/CD bots, containers, and AI agents all need secrets, most commonly in the form of API keys, tokens, or certificates, to connect securely to other systems to do their work. GitGuardian's State of Secrets Sprawl 2025 report reveals the cost of this sprawl: over 23.7 million secrets surfaced on public GitHub in 2024 alone. And instead of making the situation better, repositories with Copilot enabled the leak of secrets 40 percent more often .  NHIs Are Not People Unlike human beings logging into systems, ...
Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group

Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group

Aug 23, 2021
ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities that can be abused to stage larger scale attacks, an analysis of the hackers' modus operandi has revealed. "Primarily operating on Raid Forums, the collective's moniker and motivation can partly be derived from their avatar on social media and other forums: a shiny Umbreon Pokémon," Intel 471 researchers said in a report shared with The Hacker News. "As Pokémon players hunt and collect "shiny" characters in the game, ShinyHunters collects and resells user data." The revelation comes as the  average cost of a data breach  rose from $3.86 million to $4.24 million, making it the highest average cost in 17 years, with compromised credentials responsible for 20% of the breaches reported by over 500 organizations. Since rising to prominence in A...
Expert Insights Articles Videos
Cybersecurity Resources