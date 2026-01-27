Preemptive cyber defense team releases list of 100+ high-value targets

We expect the targeting list to evolve rapidly as the threat actors rotate through different sectors.” — Zach Edwards

RESTON, VA, UNITED STATES, January 27, 2026 / EINPresswire.com / -- Silent Push , a leading preemptive cybersecurity vendor, has announced the discovery of an expansive phishing and vishing (voice phishing) campaign targeting Okta Single Sign-On (SSO) accounts across a diverse range of global industries.Silent Push enterprise customers have access to its proprietary Indicators of Future Attack™ (IOFA™) feeds, which enable them to preemptively block malicious domains used by groups such as SLSH before attacks are fully launched.Following recent reports from BleepingComputer and Okta about a sophisticated, live phishing panel, Silent Push researchers have been tracking a large-scale operation that mirrors the panel's tactics, techniques, and procedures (TTPs). While the threat group known as SLSH has not officially claimed responsibility, Silent Push intelligence strongly suggests the campaign aligns with the group’s established motives and technical signatures.Who is SLSH?SLSH (Scattered LAPSUS$ Hunters) is a formidable cybercriminal "supergroup" alliance that emerged in 2025. It represents a malicious merger of three notorious entities: Scattered Spider (specialists in social engineering), LAPSUS$ (experts in data extortion), and ShinyHunters (masters of data exfiltration).Anatomy of the AttackThe campaign uses a "live" phishing panel, enabling threat actors to intercept credentials and Multi-Factor Authentication (MFA) tokens in real time. By utilizing vishing to manipulate employees, attackers can push new prompts to victims’ devices via the panel, effectively bypassing traditional security hurdles to gain unauthorized access to sensitive corporate data.High-Risk Sectors and OrganizationsSilent Push has identified over 100 companies that have been actively targeted within the last 30 days. The list spans critical infrastructure, finance, biotechnology, and legal services. Notable organizations identified as being at risk include:-Finance & Private Equity: Adyen, Blackstone, Apollo Global Management, RBC, SoFi, and State Street.-Tech & Software: Atlassian, HubSpot, Epic Games, Canva, ZoomInfo, and RingCentral.-Energy & Utilities: Halliburton, Sempra Energy, Invenergy, and American Water.-Real Estate: CBRE, Zillow, WeWork, Redfin, and Cushman & Wakefield.-Biotech & Healthcare: Moderna, Gilead Sciences, Amgen, Biogen, and ResMed.List of Recently Targeted EntitiesCompanies-Technology & Software: Atlassian, AppLovin, Canva, Epic Games, Genesys, HubSpot, RingCentral, ZoomInfo, Iron Mountain.-Fintech & Payments: Adyen, Jack Henry, Shift4 Payments, SoFi.-Biotech & Pharma: Alnylam, Amgen, Arvinas, Biogen, Gilead Sciences, Moderna, Neurocrine Biosciences.-Financial Services / Banking: Apollo Global Management, Blackstone, Cohen & Steers, Frost Bank, goeasy Ltd., Guild Mortgage, Morningstar, RBC, Securian Financial, State Street, TPG Capital.-Real Estate (REITs & Investment): Avison Young, Brixmor Property, CBRE, Centerspace, Colliers, eXp Realty, Goodman Group, Howard Hughes Corp, Kennedy Wilson, Macerich, Public Storage, Realty Income, Redfin, RE/MAX, Simon Property Group, WeWork.-Real Estate Tech / Software: Entrata, RealPage, Zillow.-Infrastructure, Energy & Utilities: Acco Engineered Systems, AECOM, Alliant Energy, American Water, Beach Energy, Cenovus Energy, CMS Energy, DistributionNOW, Halliburton, Invenergy, MasTec, NOV Inc., Oceaneering, Sempra Energy, Sunrun, Talen Energy.-Healthcare & MedTech: Bayshore Healthcare, Globus Medical, GoodRx, ResMed, Surgery Partners, UCHealth.-HR Tech & Outsourcing: Awardco, Cornerstone OnDemand, Gusto, TriNet.-Logistics & Transportation: Brambles (CHEP), Crowley, Covenant Logistics, Lineage Logistics, Pitney Bowes.-Manufacturing & Industrial: Ball Corp, BlueLinx, Canfor, Littelfuse, Methode Electronics, Reliance Steel.-Retail & Consumer Goods: Amway, Carvana, Do it Best, GameStop, Murphy USA, Sargento Foods, Sonos, Spin Master, Lamb Weston.-Insurance: HBF Health, Mercury Insurance, Risk Strategies.-Legal Services: Jones Day, Perkins Coie.-Media, Education & Hospitality: Cengage, Choice Hotels, Hearst.-Telecommunications: Telstra.A Growing Threat Landscape"This campaign demonstrates a high level of persistence and adaptability," said Silent Push Senior Threat Analyst Zach Edwards. "The use of live interaction panels means that even organizations with MFA are vulnerable if their employees are successfully socially engineered. We expect the targeting list to evolve rapidly as the threat actors rotate through different sectors."Silent Push is currently monitoring these activities through its proprietary Indicator of Future Attack™ (IOFA™) feeds. This technology enables Silent Push to track the underlying infrastructure used by groups such as SLSH before attacks are fully launched.To learn more, start a conversation with Silent Push preemptive cyber defense experts and Book a Demo to see how we can help you uncover attacker infrastructure by searching smarter, faster, and with greater confidence.About Silent PushSilent Push provides a Preemptive Cyber Defense platform powered by the Context Graph. By providing real-time visibility into previously unknown adversary infrastructure, the platform enables security teams to detect emerging threats earlier, investigate activity more quickly, and respond before attacks escalate. The Silent Push standalone platform is also available via API, integrating with various security tools, including SIEM & XDR, SOAR, TIP, and OSINT, providing automated enrichment and actionable intelligence. Customers include some of the world's largest enterprises within the Fortune 500 as well as government agencies. A free Community Edition is available. For more information, visit www.silentpush.com or follow on LinkedIn and X.

