BleepingComputerFriday · July 10, 2026FREE

New Helix vishing group emerges in SharePoint data theft attacks

vishingsharepointhelixsocial-engineeringdata-theft

A newly identified threat group tracked as Helix is targeting corporate SharePoint deployments through vishing (voice phishing) attacks. According to BleepingComputer, the group calls employees posing as IT support or other trusted roles, convincing them to disclose login credentials. Once access is obtained, the attackers log into the organization's SharePoint environment and download sensitive documents, including financial records, intellectual property, and employee personal information. The attacks have been observed against multiple organizations, though the full scope of victims is not yet known. Helix's methods highlight a growing trend of social engineering attacks that bypass technical security controls by targeting human users. The group's focus on SharePoint is notable because many organizations store critical data in the platform and may not have adequate monitoring for unauthorized access. BleepingComputer notes that the attacks have succeeded in several cases, leading to data breaches. The article does not specify the industries targeted or the geographic distribution of victims. No specific tools, malware, or infrastructure details about Helix are provided in the source. The emergence of this group underscores the need for organizations to strengthen identity verification processes and educate employees about vishing tactics.

// why it matters

Developers using SharePoint must ensure robust authentication and user training to prevent vishing-driven credential theft.

Sources

Primary · BleepingComputer
▸ Read original at bleepingcomputer.com

Like this? Get the next digest.

New Helix vishing group emerges in SharePoint data theft attacks — aigest.dev