New Helix vishing group emerges in SharePoint data theft attacks
A new threat actor named Helix has been observed conducting vishing attacks to steal data from SharePoint environments. The group uses phone calls to trick employees into providing credentials, then accesses corporate SharePoint sites to exfiltrate sensitive documents. The attacks have targeted multiple organizations, raising concerns about the effectiveness of security awareness training.
Developers using SharePoint must ensure robust authentication and user training to prevent vishing-driven credential theft.


