12 Jul, 2026

New Helix vishing group emerges in SharePoint data theft attacks

A new data-extortion group called Helix is using identity-focused tactics such as voice phishing (vishing), device code phishing, and multi-factor authentication (MFA) abuse to steal data from SharePoint environments. Initial contact is made through vishing. In some cases, the threat actor called employees while impersonating their manager, using either the manager’s name or caller ID […]

2 mins read