ShinyHunters Launches Data Leak Site: Trinity of Chaos Announces New Ransomware Victims
Resecurity, October 3,2025
The Trinity of Chaos, a ransomware collective presumably associated with Lapsus$, Scattered Spider, and ShinyHunters groups, launched a Data Leak Site (DLS) on the TOR network containing 39 companies impacted by the attacks.
As detailed by Resecurity in our previous threat intelligence report, the group aims to continue its activities and has shifted toward a traditional ransomware modus operandi.
In fact, the group has not announced any new attacks but has released previously unavailable information about past successful attacks and shared samples of stolen data. Following previous Salesforce instances exploitation, the group released a message to the company threatening to release a massive number of records. The company downplayed these claims, stating that no new attacks or vulnerabilities had occurred. At the same time, it does not exclude the possibility that previous activity resulted in the compromise of customer instances at scale.