my photo

John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog / #shinyhunters

Two Breaches Today. One Was Careful. One Was a Unlocked Door. Both Were Catastrophic.

John Z Black Apr 14, 2026

Incidents & Breaches #rockstar #shinyhunters #data-breach #snowflake #alinto #supply-chain #third-party-risk

ShinyHunters dumped 78.6 million Rockstar records after the ransom deadline expired. They never touched Rockstar directly. They went through a cloud analytics vendor. Meanwhile, a French email provider left an Elasticsearch cluster open to the internet and exposed 40 million records across L'Oreal, Renault, and French government embassies.

Read More

TeamPCP's Criminal Empire Is Growing and Nobody Agrees Who's Running It

John Z Black Apr 5, 2026

Ransomware & Cybercrime #teampcp #canisterworm #supply-chain #ransomware #vect #shinyhunters #lapsus

TeamPCP has evolved from cloud extortion to a criminal franchise operation with a wiper targeting Iran, a ransomware partnership with 300K affiliates, and public feuds with other threat actors.

Read More

TeamPCP Hacked the European Commission Through a Security Scanner

John Z Black Apr 4, 2026

Incidents & Breaches #teampcp #european-commission #supply-chain #shinyhunters #cert-eu

TeamPCP breached the European Commission via a poisoned version of Trivy. Data from 30+ EU entities got exposed. ShinyHunters leaked it all. The irony of a security tool being the attack vector writes itself.

Read More

ShinyHunters Popped a Telehealth Giant Through Its Help Desk

John Z Black Apr 4, 2026

Incidents & Breaches #shinyhunters #hims-hers #zendesk #okta #healthcare #telehealth #sso #social-engineering

Two employees tricked out of their Okta creds. Millions of telehealth support tickets stolen. And Hims says no medical records were exposed. Sure.

Read More

ShinyHunters Just Hit the EU. Here's Why They Keep Getting Away With It.

John Z Black Mar 31, 2026

Incidents & Breaches #shinyhunters #european-commission #data-breach #aws #cloud-security #ticketmaster #europa-eu #extortion

Read More

Your Vendors Got Hacked: Supply Chain Breaches Keep Piling Up

John Z Black Mar 10, 2026

Breaches & Incidents #supply-chain #salesforce #shinyhunters #healthcare #cognizant #trizetto #ericsson #breach

ShinyHunters hit 400 companies through Salesforce misconfigs. Cognizant lost 3.4 million patient records. Ericsson got popped via a vendor. The supply chain is the perimeter now, and it's breaking.

Read More