> TritonInfoSec News
Home / May 02, 2026 / Story
0
#7 The Hacker News general May 01, 2026 at 14:26 UTC

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

By [email protected] (The Hacker News)

AI Summary

CrowdStrike identified Cordial Spider (UNC6671) and Snarky Spider (UNC6661) conducting rapid SaaS environment attacks using voice phishing and SSO abuse for data theft and extortion. These threat groups operate almost entirely within SaaS platforms while leaving minimal forensic traces.

Read full article → https://thehackernews.com/2026/05/cybercrime-group…

Relevance score: 78.0/100

# More from May 02

  1. 1
    Nearly every Linux system built since 2017 vulnerable to ‘Copy Fail’ flaw The Record
  2. 2
    Critical cPanel and WHM bug exploited as a zero-day, PoC now available BleepingComputer
  3. 3
    76% of All Crypto Stolen in 2026 Is Now in North Korea Dark Reading
  4. 4
    30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign The Hacker News
  5. 5
    15-year-old detained over French govt agency data breach BleepingComputer
  6. 6
    Cyber incident responders who carried out ransomware attacks given 4-year sentences The Record
  7. 8
    China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists The Hacker News
  8. 9
    Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft The Hacker News
  9. 10
    New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials The Hacker News