New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams

Pink is a newly observed cybercrime group that conducts vishing-based credential theft to hijack active Microsoft 365 sessions, quickly exfiltrate OneDrive/SharePoint data using legitimate cloud tools, and publicly post victims on a data-leak site to extort payment; researchers note the group also uses fileless, memory-resident techniques to evade detection.