Collecting Cyber-News from over 60 sources

Tag: leak

Senator presses CISA for answers about alleged GitHub repository leak

May 20, 2026 3:00 PM

Tags: breach, cisa, cybersecurity, github, government, infrastructure, leak

U.S. Senator Maggie Hassan (D-NH) sent a letter to the acting director of the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday demanding answers about an alleged breach uncovered by cybersecurity reporter Brian Krebs involving government contractor Nightwing. First seen on therecord.media Jump to article: therecord.media/hassan-presses-cisa-github-leak
Old Breaches Resold as New Corporate Data Leaks

May 20, 2026 3:00 PM

Tags: breach, china, corporate, cyber, cybercrime, dark-web, data, group, leak

Dark web data brokers are increasingly recycling old breach data and marketing it as fresh corporate leaks. The activity, largely observed in Chinese-language cybercrime forums and Telegram channels, is creating confusion among organizations and diverting security resources toward investigating claims that often lack credibility. Group-IB identified a surge in high-volume data advertisements targeting companies across…
Hardware being destroyed by users fearful of data leaks

May 20, 2026 7:00 AM

Tags: data, Hardware, leak

In an effort to ensure data leaks won’t came back and haunt them, significant numbers of customers are dumping machines that could have a second life First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366643475/Hardware-being-destroyed-by-users-fearful-of-data-leaks
CISA credential leak raises alarms, and Capitol Hill demands answers

May 20, 2026 5:00 AM

Tags: cisa, credentials, data-breach, github, leak

A researcher who found a repository that leaked on GitHub said it was one of the worst he’s witnessed. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-credential-leak-congress-demands-answers/
AI Agent Security: Automating Workflow Without Creating Prompt Injection or Data Leak Risks

May 20, 2026 12:00 AM

Tags: ai, data, injection, leak, risk

AI agent security starts with a simple fact: the more authority an agent has, the tighter its access… First seen on hackread.com Jump to article: hackread.com/ai-agent-security-automating-prompt-injection-data-leak/
CISA GitHub Leak Exposes AWS GovCloud Secrets

May 19, 2026 11:00 PM

Tags: cisa, credentials, data-breach, github, leak

A public GitHub repository tied to a CISA contractor reportedly exposed AWS GovCloud credentials and internal deployment data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cisa-github-leak-exposes-aws-govcloud-secrets/
Shai-Hulud worm copycats emerge after source code leak

May 19, 2026 11:00 AM

Tags: data-breach, leak, malware, supply-chain, worm

Shai-Hulud worm copycats are already attacking NPM developers after its source code leaked, enabling fast supply chain exploitation. The first copycats of the Shai-Hulud worm have already started showing up online, only a few days after the malware’s source code was dumped on GitHub. Researchers had warned this would happen almost immediately, and they were…
Compromised Nx Console VS Code Extension Steals Developer and Cloud Secrets

May 19, 2026 8:00 AM

Tags: cloud, credentials, cyber, leak, malicious, tool

Nx Console’s popular VS Code extension was briefly weaponized into a credential-stealing tool that can leak developer and cloud secrets and plant a persistent backdoor. Anyone who installed v18.95.0 should treat their environment as fully compromised. On May 18, 2026, a malicious build of the Nx Console VS Code extension, nrwl.angular-console v18.95.0 was published to the Visual…
Wachsende Verwundbarkeit des Wirtschaftsstandorts Deutschland

May 19, 2026 7:00 AM

Tags: germany, leak, nis-2, ransomware

Die wichtigsten Punkte im Überblick: Die Zahl der auf Leak-Seiten veröffentlichten Ransomware-Fälle in Deutschland stieg 2025 um 92 Prozent. Diese Entwicklung ist ein deutliches Warnsignal für die Verwundbarkeit des Wirtschaftsstandorts Deutschland. Cybererpressung hat sich zu einem professionalisierten und industrialisierten Geschäftsmodell entwickelt. Unternehmen stehen gleichzeitig unter Druck durch steigende Bedrohungen und komplexe Regulierungen wie NIS2, DORA……
Grafana confirms GitHub token breach cybercrime group claims the attack

May 18, 2026 10:00 PM

Tags: attack, breach, cybercrime, data, data-breach, extortion, github, group, leak, security-incident, theft

Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incident after the extortion group Coinbase Cartel listed it on a leak site and claimed data theft on May 15. The breach was triggered by a compromised token that gave attackers…
18th May Threat Intelligence Report

May 18, 2026 6:00 PM

Tags: access, extortion, github, intelligence, international, leak, software, threat

Vodafone, a major international telecom, has sustained a source code leak claimed by the Lapsus$ extortion group. The company confirmed limited access to GitHub files through compromised third-party development software, while stating that […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/18th-may-threat-intelligence-report/
âš¡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

May 18, 2026 6:00 PM

Tags: ai, cisco, cloud, control, data, data-breach, exploit, flaw, leak, mail, network, ransom, worm, zero-day

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted.The pattern is clear. One weak dependency can leak keys. One leaked key…
Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq

May 18, 2026 4:01 PM

Tags: cloud, data, data-breach, leak

A hotel check-in system exposed over 1 million passports, IDs, and selfies online due to a misconfigured cloud storage bucket. A security lapse in the Reqrea’s Tabiq hotel check-in system exposed over 1 million passports, driver’s licenses, and selfie verification photos online. The issue came from a misconfigured Amazon cloud storage bucket that was left…
AI coding is fueling a secrets-sprawl crisis few CISOs are containing

May 18, 2026 12:00 PM

Tags: access, ai, api, automation, awareness, business, ceo, ciso, control, credentials, data-breach, detection, governance, identity, leak, privacy, programming, risk, service, software, supply-chain, threat, tool, training, unauthorized

Addressing the broader issue: As AI-assisted coding expands, security leaders must rethink how they manage risk. That means looking beyond repositories and securing the full software development lifecycle (SDLC), including collaboration tools where credentials often show up.”We focus on both, but the risk profile is very different, what’s identified in Jira or Slack is far…
AI coding is fueling a secrets-sprawl crisis few CISOs are containing

May 18, 2026 12:00 PM

Tags: access, ai, api, automation, awareness, business, ceo, ciso, control, credentials, data-breach, detection, governance, identity, leak, privacy, programming, risk, service, software, supply-chain, threat, tool, training, unauthorized

Addressing the broader issue: As AI-assisted coding expands, security leaders must rethink how they manage risk. That means looking beyond repositories and securing the full software development lifecycle (SDLC), including collaboration tools where credentials often show up.”We focus on both, but the risk profile is very different, what’s identified in Jira or Slack is far…
Grafana Labs Confirms Security Incident Involving GitHub Codebase Access

May 18, 2026 8:00 AM

Tags: access, credentials, cyber, github, leak, risk, security-incident, software, supply-chain, threat, unauthorized

Grafana Labs has confirmed a security incident involving unauthorized access to its internal GitHub environment, after a threat actor obtained a compromised access token and downloaded portions of the company’s codebase. The disclosure, made via an official statement on May 17, 2026, highlights growing risks around credential leaks and software supply chain exposure. Grafana Labs…
Wave of ShinyHunters Extortion Drives Surge in Data Leaks

May 15, 2026 11:00 PM

Tags: attack, breach, ceo, data, data-breach, extortion, leak

‘Have I Been Pwned’ Founder Troy Hunt Reviews Impact on People and Organizations. The volume of data breaches that result in stolen personal data being leaked online has been surging, courtesy of the ShinyHunters, and while it affects individuals, the organizations being extorted are bearing the brunt of such attacks, said Troy Hunt, founder and…
Next.js Security Flaw Leaks Cloud Credentials, API Keys, and Admin Interfaces

May 15, 2026 9:00 AM

Tags: access, api, cloud, credentials, cve, cyber, flaw, framework, leak, vulnerability

Next.js, one of the most widely used React frameworks, has been hit by a high-severity vulnerability that could allow attackers to extract sensitive cloud credentials, API keys, and even access internal admin interfaces. The flaw, tracked as CVE-2026-44578, exposes a critical weakness in how certain server-side deployments handle WebSocket upgrade requests. Next.js Security Flaw The…
TeamPCP hackers advertise Mistral AI code repos for sale

May 15, 2026 5:00 AM

Tags: ai, group, hacker, leak

The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/
AI agent finds 18-year-old remote code execution flaw in Nginx

May 15, 2026 5:00 AM

Tags: ai, api, application-security, cve, cvss, data, dos, endpoint, exploit, flaw, github, leak, mitigation, network, open-source, remote-code-execution, risk, service, technology, update, vulnerability, waf

ngx_http_rewrite_module, a component that handles URL rewrites, and impacts Nginx versions from 0.6.27 to 1.30.0. The issue has been given a 9.2 CVSS severity score and was patched in versions 1.31.0 and 1.30.1.The commercial product, Nginx Plus, owned and developed by network and application security firm F5, is also vulnerable, and received patches in versions…
Packagist Warns: Update Composer Now After GitHub Actions Token Leak

May 14, 2026 10:00 AM

Tags: authentication, cyber, github, leak, update, vulnerability

A sudden change in GitHub’s token format has triggered an unexpected security vulnerability in Composer, exposing sensitive authentication tokens in CI/CD logs and forcing Packagist to issue an urgent warning to PHP developers worldwide. The issue stems from a mismatch between GitHub’s updated token structure and Composer’s outdated validation logic. As a result, certain GitHub…
Instructure claims hackers returned stolen Canvas data after an extortion standoff

May 12, 2026 6:19 PM

Tags: breach, cybercrime, data, extortion, group, hacker, leak

ShinyHunters, a prolific cybercrime group, threatened to leak data from more than 8,800 school systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/
Instructure reaches ‘agreement’ with ShinyHunters to stop data leak

May 12, 2026 12:19 PM

Tags: breach, data, data-breach, extortion, group, leak

Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an “agreement” with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-reaches-agreement-with-shinyhunters-to-stop-data-leak/
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

May 12, 2026 10:19 AM

Tags: breach, cybercrime, extortion, group, leak, network, ransom, technology, unauthorized, update

American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities.In an update shared on Monday, the Utah-based firm said it “reached an agreement with the unauthorized actor…
Pressure mounts on Canvas as data leak extortion deadline looms

May 12, 2026 5:19 AM

Tags: data, extortion, leak

Attackers affiliated with The Com are threatening to leak data from more than 8,800 school systems if Instructure doesn’t pay a ransom. First seen on cyberscoop.com Jump to article: cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/
Tables Turned: Gentlemen Ransomware Group Suffers Data Leak

May 12, 2026 12:19 AM

Tags: backup, communications, cybercrime, data, group, leak, ransomware, tactics, tool

Internal Communications Dumped Online, Revealing Fresh Victims, Repeat Tactics. Ransomware group The Gentlemen, a relative newcomer to the cybercrime scene, suffered a leak of its internal communications, revealing previously non-public victims, a variety of tactics, techniques and tools, and a relentless focus on popping backup and storage infrastructure. First seen on govinfosecurity.com Jump to article:…
The State of Ransomware Q1 2026

May 11, 2026 5:20 PM

Tags: data, leak, ransomware

ey Findings Ransomware in Q1 2026: Consolidation at Scale During the first quarter of 2026, we monitored more than 70 active data leak sites (DLS) that collectively listed 2,122 new victims. This figure represents a 12.2% decline from the Q4 2025 all-time record of 2,416 victims but remains the second-highest Q1 on record at 117%…
Ollama OutBounds Read Vulnerability Allows Remote Process Memory Leak

May 11, 2026 5:20 PM

Tags: cve, cybersecurity, exploit, flaw, leak, vulnerability

Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a remote, unauthenticated attacker to leak its entire process memory.The out-of-bounds read flaw, which likely impacts over 300,000 servers globally, is tracked as CVE-2026-7482 (CVSS score: 9.1). It has been codenamed Bleeding Llama by Cyera.Ollama is a First seen…
ShinyHunters Escalates Canvas Extortion with School by School Ransom Campaign

May 11, 2026 5:20 PM

Tags: breach, data, extortion, leak, login, ransom

ShinyHunters has escalated its Canvas extortion campaign, defacing hundreds of school login pages and threatening to leak stolen data unless institutions negotiate First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/shinyhunters-escalates-canvas/
Spring Vulnerabilities Open Door to Arbitrary File Access and GCP Secret Leaks

May 7, 2026 1:48 PM

Tags: access, cloud, cyber, flaw, google, leak, update, vulnerability

Security researchers have identified four new vulnerabilities in the Spring Cloud Config Server, ranging from medium to critical severity. These newly disclosed flaws could allow attackers to access arbitrary files, leak Google Cloud Platform (GCP) secrets, and manipulate system directories. Administrators, please patch your systems immediately to prevent active exploitation. Spring Vulnerabilities Critical Directory Traversal…