Stay updated on Lapsus threats. Expert analysis, latest breaches, and cybersecurity defenses against the notorious hacking group.
Search across headline titles and summaries.
Background for this topic.
Lapsus$ is a notable cybercriminal group that has risen to notoriety for their string of high-profile corporate hacks and extortion attempts. In the landscape of information security, Lapsus$ represents a significant threat due to their aggressive tactics, which include data theft, data leakage, and demanding ransoms from their targets. This group is known for targeting large multinational companies and has a reputation for bypassing sophisticated security measures to obtain sensitive proprietary information.
Their methods often involve social engineering, compromising employee accounts, and exploiting vulnerabilities within networks and systems. Understanding the tactics and techniques used by Lapsus$ is crucial for security professionals as it aids in enhancing cyber defenses, developing better security protocols, and raising awareness about the evolving landscape of cybersecurity threats.
Weekly headline count for the current query.
A Single Developer Downloaded a Poisoned VS Code Extension, and Now LookGitHub warned late Tuesday that hackers stole roughly 3,800 internal repositories from the Microsoft-owned platform after a developer used a poisoned VS Code script, which is developed by Microsoft. TeamPCP and Lapsus$ appear to be cooperating to sell the stolen data for $95,000.
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. [...]
Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump
Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company’s source code, secrets, and other sensitive data.…
As organizations disclose breaches tied to TeamPCP's supply chain attacks, ShinyHunters and Lapsus$ are getting involved, taking credit, and creating a murky situation for enterprises.
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs
Crims 'creating a snowball effect' across open source projects RSAC 2026 Thousands of organizations' cloud environments have been infected with secret-stealing malware as a result of the Trivy supply-chain attack last week, and now the crims that compromised the open source scanners are working with notorious extortion crews like Lapsus$.…
Telegram posts promise up to $1,000 per call as gang refines IT helpdesk ruse Prolific cybercrime crew Scattered Lapsus$ Hunters (SLSH) is reportedly recruiting women in the hope of improving its social engineering success.…
The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull off social engineering attacks
A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Read More »
Targeted Threat Intel Firm Shares Details With Police After Honeypot HitGetting owned by deception technology isn't good news for one's criminal brand or ability to remain at large. Just ask the band of young hackers behind "Scattered Lapsus$ Shiny Hunters," when one of their ilk fell into a security firm's honeytrap, revealing his actual IP address in the process.
Scattered Lapsus$ Hunters, also known as ShinyHunters, were drawn in using a realistic, yet mostly fake, dataset.
Subpoena issued to former ShinyHunters member Resecurity offered its "congratulations" to the Scattered Lapsus$ Hunters cybercrime crew for falling into its threat intel team's honeypot – resulting in a subpoena being issued for one of the data thieves. Meanwhile, the notorious extortionists have since removed their claims of gaining "full access" to the security shop's systems.…
Uncovered: Typosquatted Domains Linked to Suspected Ransomware Group CampaignContinuing its targeting of customer data, the cybercrime group Scattered Lapsus$ Hunters appears to be gearing up for large-scale attacks involving typosquatted domains that lead to phishing domains designed to steal Zendesk users' valid credentials, warn security researchers.
ReliaQuest finds fresh crop of phishing domains and toxic tickets Scattered Lapsus$ Hunters may be circling Zendesk users for its latest extortion campaign, with new phishing domains and weaponized helpdesk tickets uncovered by ReliaQuest.…
New phishing domains point to a campaign from the notorious Scattered Lapsus$ Hunters collective
A prolific cybercriminal group that calls itself "Scattered LAPSUS$ Hunters" made headlines regularly this year by stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for "Rey," the moniker chosen by the technical operator and public face of the hacker group: Earlier this week, Rey confirmed his real life identity and agreed to an interview after KrebsOnSecurity tracked him down and contacted his father.
Cybercrime Group ShinyHunters Claims to Steal Data From 300 OrganizationsThe attack that targeted customer data management tool Gainsight resulted in the theft of information from approximately 300 Salesforce-using firms, the Scattered Lapsus$ Hunters subgroup ShinyHunters has claimed. Salesforce and Gainsight have shared more details as their investigation continues.
Carmaker Resumes Full ProductionThe September cyberattack on Jaguar Land Rover resulted in a company loss of roughly $260 million, the British carmaker reported Friday while also announcing a resumption of normal production. Cybercrime group "Scattered Lapsus$ Hunters" took responsibility for the hack.
The nascent collective that combines three prominent cybercrime groups, Scattered Spider, LAPSUS$, and ShinyHunters, has created no less than 16 Telegram channels since August 8, 2025