Since late December 2025, Unit 42 has responded to numerous incidents across various industries i...

Unit 42 has responded to multiple incidents since late December 2025 involving data theft and extortion campaigns attributed to BlingLibra (ShinyHunters) and affiliated threat actors across various industries. The incidents indicate an active extortion campaign targeting organizations with data exfiltration and ransom demands.