Troy Hunt discusses the ShinyHunters hacking group, noting how young, resource-limited actors consistently breach major brands not through technical sophistication but primarily via social engineering — specifically voice phishing (vishing) and credential harvesting sites targeting SSO credentials and MFA codes. A Mandiant write-up corroborates this pattern. Hunt speculates on how long their run will continue before an inevitable reckoning.
Sort: