bug-bounty413
xss277
google249
microsoft215
facebook191
apple139
rce124
malware101
bragging-post92
account-takeover88
exploit86
csrf73
cve70
authentication-bypass67
privilege-escalation60
access-control53
phishing48
defi48
dos47
smart-contract47
ethereum44
writeup44
open-source43
supply-chain42
ssrf42
cloudflare42
sql-injection41
browser40
web339
stored-xss39
aws37
web-security36
docker36
input-validation36
ai-agents35
api-security34
smart-contract-vulnerability33
reverse-engineering32
react32
information-disclosure31
idor31
burp-suite30
oauth29
denial-of-service29
cross-site-scripting29
node28
reflected-xss28
race-condition27
web-application27
clickjacking25
0
5/10
Telus Digital confirmed a breach by ShinyHunters who stole approximately 1 petabyte of data by leveraging Google Cloud Platform credentials obtained from the Salesloft Drift breach, then pivoted through BigQuery and used credential scanning tools to access additional systems. The attack exposed customer data across 28+ companies using Telus' BPO services, along with call records, source code, and financial information.
data-breach
threat-intel
cloud-security
credential-theft
lateral-movement
google-cloud-platform
salesforce
bpo-targeting
extortion
sso-attacks
vishing
device-code-phishing
Telus Digital
ShinyHunters
Salesloft Drift
Mandiant
Google Cloud Platform
BigQuery
trufflehog
Salesforce
Okta
Microsoft
Google
Cisco
PornHub
Match Group
Microsoft Entra