[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fE3RwmZsrWOxmQy6aHOJ5B8C48kP2lh5VW5r5_svSleI":3},{"article":4,"iocs":39},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":24,"category":25,"article_tags":28},"1cf9eee7-a628-475b-9fdb-9d464ef3a4be","We are tracking Pink (CL-CRI-1147), a new Com-affiliated extortion brand whose leak site went liv...","we-are-tracking-pink-cl-cri-1147-a-new-com-affiliated-extortion-brand-whose-leak-f6a808","We are tracking Pink (CL-CRI-1147), a new Com-affiliated extortion brand whose leak site went live 5\u002F31\u002F26. Pink uses vishing and IT impersonation to phish credentials\u002FMFA, then exfiltrates enterprise cloud storage and productivity data to extort victims: https:\u002F\u002Ft.co\u002FgyaGA1iG1S https:\u002F\u002Ft.co\u002FXiZ0zCGnqX","A newly tracked threat group called Pink (CL-CRI-1147), affiliated with the Com ransomware operation, has launched a leak site as of May 31, 2026. The group uses vishing and IT impersonation tactics to harvest credentials and MFA bypass techniques, then exfiltrates enterprise cloud storage and productivity data for extortion purposes.","Pink, new Com-affiliated extortion group, launches leak site targeting enterprise cloud storage via credential phishing.",null,"https:\u002F\u002Fx.com\u002FUnit42_Intel\u002Fstatus\u002F2062216815967625558","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHJ53NdJW4AEZdWP.jpg","2026-06-03T16:56:17+00:00","2026-06-03T17:00:14.570657+00:00",8,[18,21],{"name":19,"type":20},"Pink (CL-CRI-1147)","threat_actor",{"name":22,"type":23},"Com ransomware operation","campaign","7d8b5ab8-ea0b-4ced-ae97-ec251b86993a",{"id":24,"icon":11,"name":26,"slug":27},"Ransomware","ransomware",[29,34],{"category":30},{"id":31,"icon":11,"name":32,"slug":33},"2c8f44d4-b56e-47cf-9677-04f22c9ee78d","Identity & Access","identity-access",{"category":35},{"id":36,"icon":11,"name":37,"slug":38},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[40,44],{"type":41,"value":42,"context":43},"malware","Pink","New Com-affiliated extortion brand\u002Fransomware operation",{"type":41,"value":45,"context":46},"Com","Parent ransomware operation affiliated with Pink extortion group"]