Tag: group
-
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/checkmarx-confirms-lapsus-hackers-leaked-its-stolen-github-data/
-
From Shadow AI to Full Control: FireTail’s Q1 2026 Updates FireTail Blog
Apr 28, 2026 – Timo Rüppell – Most security teams have accepted a hard truth in recent months. AI has already arrived in your organization. It resides in your codebase, runs in your cloud infrastructure, and is likely open in a nearby browser tab right now. The question is no longer whether to let AI in.…
-
VECT: Ransomware by design, Wiper by accident
Background: VECT Ransomware is a Ransomware-as-a-Service (RaaS) program that made its first appearance in December 2025 on a Russian-language cybercrime forum. After claiming their first two victims in January 2026, the group got back into the public eye due to an announcement of a partnership with TeamPCP, the actor behind several supply-chain attacks…
-
Lloyds Bank compensates another 1,625 customers after ‘alarming’ data breach
Bank pays out compensation to more customers and reveals expansion of affected group First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642496/Lloyds-Bank-compensates-another-1625-customers-after-alarming-data-breach
-
Checkmarx Confirms Security Incident Involving GitHub Repository Exposure
Tags: application-security, ciso, cyber, cybercrime, data, data-breach, github, group, security-incident
Application security provider Checkmarx has officially confirmed a new security incident involving the exposure of its internal GitHub repository. On April 27, 2026, Udi-Yehuda Tamar, the company’s VP of Platform Engineering and Global CISO, revealed that a cybercriminal group successfully leaked Checkmarx data on the dark web. This alarming development stems from an earlier security…
-
Ransomware Turf War as 0APT and KryBit Groups Trade Blows
Ransomware groups 0APT and KryBit have doxxed each other online First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-turf-war-0apt-krybit/
-
Fake Tax Audits and Updates Fuel Silver Fox Malware Campaign
A China-linked threat group known as Silver Fox is running a new wave of cyber campaigns using fake tax audit notifications and software update lures to deliver malware across Asia. Active since at least 2022, the group initially focused on financially motivated attacks but, since 2024, has evolved into a dual-purpose operation combining cybercrime and…
-
Sandworm Uses SSH-over-Tor Tunnel for Stealthy Long-Term Persistence
A significant evolution in Sandworm (APT-C-13) tradecraft reveals the group’s use of SSH-over-Tor tunneling to achieve long-term, covert persistence inside targeted networks. Sandworm, also known as FROZENBARENTS, is a state-sponsored threat group active since 2014. It has consistently targeted government bodies, energy firms, and research institutions, focusing on intelligence collection. The attack begins with spear-phishing…
-
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between…
-
North Korean Hackers Target Crypto Firms with ClickFix and AI-Made Zoom Lures
Arctic Wolf attributed this large-scale spear-phishing campaign to BlueNoroff, a financially motivated subgroup of the Lazarus Group First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bluenoroff-dprk-hackers-target/
-
OilRig Hides C2 Config in Google Drive Image via LSB Steganography
APT-C-49 (OilRig), an Iranian state-sponsored advanced persistent threat group also known as APT34 and Helix Kitten, has deployed a sophisticated new attack campaign that conceals command-and-control configurations inside Google Drive images using LSB steganography. The group, which has been active since at least 2014, primarily targets government, energy, telecommunications, and financial sectors across the Middle…
-
Trust, Risk, and the CISOs Protecting Michigan’s Financial Institutions
Financial services cybersecurity in Michigan does not all look the same. The CISOs in this feature are securing a wealth management firm, a specialty insurance group, a farm credit institution, a community bank, a credit union serving a major university’s community, and another credit union with a decade of continuous security leadership. The regulatory frameworks,…
-
Pentagon’s Anthropic Fight Draws Rebuke From Ex-DOD Leaders
Former Officials, Tech Groups Say Anthropic Designation Is Illegal – and Dangerous. Former U.S. defense and intelligence officials argue the Pentagon’s designation of Anthropic as a supply-chain risk was politically motivated and legally flawed, warning it could erode trust in government contracting and weaken the defense AI ecosystem. First seen on govinfosecurity.com Jump to article:…
-
ADT Breach Exposes Data of 5.5 Million Customers, ShinyHunters Likely Behind Attack
The ShinyHunters extortion group is claiming responsibility for a breach of home and commercial security vendor ADT that exposed the data of 5.5 million customers. The attack appears to be part of a larger and ongoing vishing campaign being run by the prolific threat actors. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/adt-breach-exposes-data-of-5-5-million-customers-shinyhunters-likely-behind-attack/
-
Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records
Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corporate IT systems after the hacker group ShinyHunters claimed to have stolen over 9 million records. The company did not share details on the security breach. Medtronic is an international medical…
-
Hacker who allegedly carried out cyberattacks for China is extradited to US
Xu Zewei is accused of participating in a Chinese government hacking group that broke into thousands of U.S. organizations and stole COVID-19-related research. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/27/hacker-who-allegedly-carried-out-cyberattacks-for-china-is-extradited-to-u-s/
-
Home Security Firm ADT Breach: 5.5M Customers’ Data Exposed
Prolific ShinyHunters Extortion Group Made ‘Pay or Leak’ Threat to Victim. Home security giant ADT has suffered a data breach that appears to have exposed personally identifiable information tied to 5.5 million customers. Prolific extortionist group ShinyHunters claimed credit for the attack, saying it stole Salesforce data after socially engineering an ADT employee. First seen…
-
Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web. “Based on current evidence, we believe this data originated from Checkmarx’s GitHub repository, and that access to that repository was facilitated through the initial supply chain…
-
Italy extradites alleged Chinese state hacker to US
A Chinese national accused of being a member of a state-backed hacking group that allegedly broke into systems to steal COVID-19 vaccine information has been extradited to the U.S. from Milan. First seen on therecord.media Jump to article: therecord.media/chinese-hacker-italy-extradited
-
Home security giant ADT data breach affects 5.5 million people
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this month, according to data breach notification service Have I Been Pwned. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/home-security-giant-adt-data-breach-affects-55-million-people/
-
China-Backed Groups are Using Massive Botnets in Espionage, Intrusion Campaigns
China-sponsored threat groups like Salt Typhoon and Flax Typhoon are increasingly relying on multiple massive botnets comprising edge and IoT devices to run their cyber espionage and network intrusion campaigns, CISA and other security agencies say. The use of such “covert networks” makes it more difficult to detect and mitigate their campaigns. First seen on…
-
Attackers use MS Teams, fake mailbox repair utility to breach organizations
A threat group has penetrated corporate networks by impersonating IT helpdesk staff on Microsoft Teams, tricking employees into downloading malware and surrendering their … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/27/attackers-use-ms-teams-fake-mailbox-repair-utility/
-
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025. That’s according to a report published by Positive Technologies, which found the threat actors to be leveraging an exploit chain comprising three vulnerabilities to execute commands remotely on susceptible First seen on…
-
BlackFile Group Targets Retail and Hospitality with Vishing Attacks
Researchers uncover a new data theft and extortion group dubbed “BlackFile” First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blackfile-group-targets-retail/
-
GopherWhisper: new China-linked APT targets Mongolia with Go-based malware
ESET found a new China-linked APT, tracked as GopherWhisper, targeting Mongolia using Go-based malware, loaders, and backdoors. ESET researchers uncovered a new China-aligned APT group called GopherWhisper, targeting government institutions in Mongolia. The group’s arsenal includes a range of tools mainly written in Go, such as loaders and injectors, which are used to deploy multiple…

