A new cybercrime group called Pink is targeting corporate data for financial extortion. Palo Alto Networks’ research division, Unit 42, first exposed this threat, believed to be linked with the broader Com network.

The researchers tracked the group under the cluster code CL-CRI-1147, and reported that Pink launched a dedicated data leak site on 31 May 2026, listing several initial victims.

Building on Unit 42’s data, security analytics firm Gurucul released a follow-up analysis on 4 June 2026 to help companies spot the group’s footprint inside corporate networks...