Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’

A detailed investigative report links the Scattered LAPSUS$ Hunters (SLSH) — an amalgam of Scattered Spider, LAPSUS$, and ShinyHunters — to a large-scale extortion campaign that used voice phishing and malicious apps to steal Salesforce access, published a data-leak portal listing dozens of victim companies (including Toyota, FedEx, Disney/Hulu, UPS), solicited insider access, and recently announced a new ransomware-as-a-service called ShinySp1d3r; the piece also traces operational mistakes and infostealer-exposed credentials that identified the group’s operator “Rey” as Saif Al-Din Khader in Amman, Jordan.