Mandiant reports ShinyHunters-linked vishing attacks abusing MFA and SSO to breach SaaS apps, steal data, and extort organizations.