PrivacySignal
Breach

Defending SaaS-based applications against ShinyHunters OAuth abuse

Microsoft Threat Intelligence · · International · Data Breaches

Microsoft Threat Intelligence identified threat actor activity with overlapping tradecraft commonly associated with ShinyHunters, including voice phishing (vishing), supply-chain compromise, and misconfigured guest access targeting SaaS-based applications. The post Defending SaaS-based applications against ShinyHunters OAuth abuse appeared first on Microsoft Security Blog.

Who should care: Cybersecurity · Privacy officers · Administrators

This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.

Related stories

Breach
Military Times · · US Federal

Nearly 12,000 military Tricare beneficiaries warned of data breach

TriWest Healthcare Alliance has notified nearly 12,000 military Tricare beneficiaries that their protected health information may have been exposed in a data breach. The notification indicates the incident was significant enough to trigger formal disclosure requirements under federal health privacy rules.

Who should care: Cybersecurity · Privacy officers · Administrators · Healthcare professionals · Compliance

#breach#healthcare Read original →
Breach
The Record · · International

VPN service favored by ransomware groups is sanctioned by US

The U.S. Treasury Department announced sanctions against First VPN Service (1VPNS) and its Ukrainian administrator for aiding ransomware groups. Separately, a Belarusian man was sanctioned for malware "cryptors."

Who should care: Cybersecurity · Privacy officers · Administrators

#breach#security Read original →
Breach
DataBreaches.net · · International

NG: Zenith Bank, Others To Be Arraigned Over Alleged Data Breach

Fatima Abdullahi reports: The Federal High Court in Abuja has fixed July 21, 2026, for the arraignment of Zenith Bank Plc and three other defendants over allegations of illegally accessing and disclosing the confidential financial records of Makers Island Company Limited. The other defendants are Oluwaseyi Famousa, Paul Oku and Yesu-Felix Abosede Alice. Justice Hauwa... Source

Who should care: Cybersecurity · Privacy officers · Administrators