Ongoing supply-chain attack 'explicitly targeting' security, dev tools
Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump
Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company’s source code, secrets, and other sensitive data.…
The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data. [...]
'Does have a somewhat Lapsus$ish feel' we're told The Medusa ransomware gang has posted what it claims is a massive leak of internal Microsoft materials, including Bing and Cortana source code.…
Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks
KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.
IT and software consultancy firm Globant has confirmed that they were breached by the Lapsus$ data extortion group, where data consisting of administrator credentials and source code was leaked by the threat actors. [...]
The data-extortion gang got at Microsoft's Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack.
Plus: Microsoft reveals gang pulled off limited source code heist after single account compromised Identity management as-a-service platform Okta says the Lapsus$ extortion gang may in fact have managed to see some of its customers' data, and Microsoft has admitted the crew got its grubby paws on some source code.…
Microsoft confesses gang pulled off limited source code heist after single account compromised Identity management as-a-service platform Okta has admitted that the Lapsus$ extortion gang managed to see some of its customers' data, and Microsoft has admitted the gang got its grubby paws on some source code.…
Microsoft has confirmed that one of their employees was compromised by the Lapsus$ hacking group, allowing the threat actors to access and steal portions of their source code. [...]
Screenshots that ransomware gang Lapsus$ released this week suggest the threat actor also stole Microsoft source code.
Microsoft and authentication services provider Okta said they are investigating claims of a potential breach alleged by the LAPSUS$ extortionist gang
The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server. [...]
Microsoft says they are investigating claims that the Lapsus$ data extortion hacking group breached their internal Azure DevOps source code repositories and stolen data. [...]
The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked.
190GB worth of internal files, looks like source code for proprietary tech including Knox, Bootloader and more Samsung has acknowledged its data was stolen after the Lapsus$ extortion gang deposited what appears to be 190GB of the company's stolen internal files online.…
The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company. [...]