Tuesday , July 7 2026

ShinyHunters Launches Data Leak Site Listing Salesforce Breach

The Trinity of Chaos, a ransomware group linked to Lapsus$, Scattered Spider, and ShinyHunters, has created a Data Leak Site on the TOR network. This site includes data from 39 companies, such as Aeromexico, AirFrance, Google, Cisco, Stellantis, and Qantas Airlines, affected by attacks on weak Salesforce instances and other vulnerabilities.

Trinity of Chaos, a ransomware collective presumably associated with Lapsus$, Scattered Spider, and ShinyHunters. Resecurity’s previous report indicates that the group will continue its activities, now focusing on traditional ransomware.

Daily Cyber security update for 6. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 6. 07. 2026

“Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers, Android Devices

A new Linux flaw called “Bad Epoll” (CVE-2026-46242) lets regular users get root access on Linux servers, desktops, and Android...
Read More
“Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers, Android Devices

An AI performed a cyber attack without any human help for the first time

Security experts found what they think is the first time an AI carried out a cyber attack all by itself....
Read More
An AI performed a cyber attack without any human help for the first time

Singapore major data centres, cloud providers could incur fine up to $1m

Major data center and cloud service providers might have to pay a fine of up to $1 million or up...
Read More
Singapore major data centres, cloud providers could incur fine up to $1m

IBM-managed instance breach exposes personal data of 70,000 in Singapore

The Singapore Land Authority (SLA) has announced that the personal details of around 70,000 people were leaked after someone accessed...
Read More
IBM-managed instance breach exposes personal data of 70,000 in Singapore

Alibaba Reportedly Bans Claude Code for Suspected AI Tool Backdoor

Alibaba is said to be getting ready to ban the use of Anthropic’s Claude Code in its own systems starting...
Read More
Alibaba Reportedly Bans Claude Code for Suspected AI Tool Backdoor

CISA KEV Adds SharePoint RCE CVE-2026-45659 After Active Exploits

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a serious problem affecting Microsoft SharePoint Server to its list of...
Read More
CISA KEV Adds SharePoint RCE CVE-2026-45659 After Active Exploits

Nepal Unveils First “Hall of Fame” for Ethical Hackers

Nepal has started a 'Hall of Fame' program to honor cybersecurity researchers who safely report security flaws in government digital...
Read More
Nepal Unveils First “Hall of Fame” for Ethical Hackers

900+ Oracle E-Business instances Exposed Online

The Shadowserver Foundation found about 950 Oracle E-Business Suite (EBS) systems on the internet around the world. This discovery came...
Read More
900+ Oracle E-Business instances Exposed Online

India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

The Indian government issued a notice WhatsApp planned to roll out its new 'username' feature. They are worried about fake...
Read More
India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

The Data Leak Site (DLS) lists recent victims like Stellantis, which revealed a data breach affecting North American customers on September 21, 2025. This followed an attack on Jaguar Land Rover that disrupted its retail and production.

Most leaked data samples don’t include passwords but have a lot of PII, suggesting they probably come from compromised Salesforce instances due to vishing attacks and stolen OAuth tokens linked to Salesloft’s Drift AI chat integration. This has led the FBI to issue a flash warning with technical indicators for organizations to check for potential intrusions in their Salesforce systems.

A Resecurity report has revealed a growing global cybercrime campaign led by LAPSUS$, ShinyHunters, and Scattered Spider. Despite claims of their “retirement,” this group continues to hack and extort large companies, with many significant data breaches still undisclosed. The report indicates an increase in private extortion efforts, suggesting the real impact of these hackers may be much larger than known. They also claim to have updated the Data Leak Site (DLS) after October 10, which now features over 1.5 billion records.

Resecurity analysts indicate that new victims and incidents are now surfacing. Ongoing extortion activities and the group’s reputation are pressuring companies to remain silent, revealing the extent of compromised data in the Fortune 100, financial, technology, aviation, retail, and auto sectors.

Cybersecurity experts warn that cybercriminals could use stolen data for harmful purposes, including in AI applications. They can analyze victim information to gain insights and connect data sets, enabling sophisticated social engineering, targeted phishing, and identity theft, particularly against large businesses and government entities.

Check Also

Asian

Asian Two AI startups launch Mythos-like Model

Two Asian AI companies have released new models this week that compete with Anthropic’s recently …