Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

125 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 125 Filtered view
Bank Info Security 1 month, 3 weeks ago

GitHub Hacked, Internal Repositories Offered for Sale

A Single Developer Downloaded a Poisoned VS Code Extension, and Now LookGitHub warned late Tuesday that hackers stole roughly 3,800 internal repositories from the Microsoft-owned platform after a developer used a poisoned VS Code script, which is developed by Microsoft. TeamPCP and Lapsus$ appear to be cooperating to sell the stolen data for $95,000.

Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company’s source code, secrets, and other sensitive data.…

Crims 'creating a snowball effect' across open source projects RSAC 2026 Thousands of organizations' cloud environments have been infected with secret-stealing malware as a result of the Trivy supply-chain attack last week, and now the crims that compromised the open source scanners are working with notorious extortion crews like Lapsus$.…

Bank Info Security 6 months, 1 week ago

Deception Tech Snares Shiny Hunter Attacker's IP Address

Targeted Threat Intel Firm Shares Details With Police After Honeypot HitGetting owned by deception technology isn't good news for one's criminal brand or ability to remain at large. Just ask the band of young hackers behind "Scattered Lapsus$ Shiny Hunters," when one of their ilk fell into a security firm's honeytrap, revealing his actual IP address in the process.

Subpoena issued to former ShinyHunters member Resecurity offered its "congratulations" to the Scattered Lapsus$ Hunters cybercrime crew for falling into its threat intel team's honeypot – resulting in a subpoena being issued for one of the data thieves. Meanwhile, the notorious extortionists have since removed their claims of gaining "full access" to the security shop's systems.…

Bank Info Security 7 months, 2 weeks ago

Scattered Lapsus$ Hunters Tied to Targeting of Zendesk Users

Uncovered: Typosquatted Domains Linked to Suspected Ransomware Group CampaignContinuing its targeting of customer data, the cybercrime group Scattered Lapsus$ Hunters appears to be gearing up for large-scale attacks involving typosquatted domains that lead to phishing domains designed to steal Zendesk users' valid credentials, warn security researchers.

Krebs on Security 7 months, 3 weeks ago

Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’

A prolific cybercriminal group that calls itself "Scattered LAPSUS$ Hunters" made headlines regularly this year by stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for "Rey," the moniker chosen by the technical operator and public face of the hacker group: Earlier this week, Rey confirmed his real life identity and agreed to an interview after KrebsOnSecurity tracked him down and contacted his father.

Bank Info Security 7 months, 3 weeks ago

Salesforce Details Supply Chain Attack Targeting Gainsight

Cybercrime Group ShinyHunters Claims to Steal Data From 300 OrganizationsThe attack that targeted customer data management tool Gainsight resulted in the theft of information from approximately 300 Salesforce-using firms, the Scattered Lapsus$ Hunters subgroup ShinyHunters has claimed. Salesforce and Gainsight have shared more details as their investigation continues.

Loading more headlines...