Hackers accessed Grafana’s GitHub repositories after a token compromised in the TanStack attack was not rotated.
The post Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack appeared first on SecurityWeek.
First Shai-Hulud Worm Clones Emerge
At least one threat actor has adopted the recently released malware source code in attacks against NPM developers.
The post First Shai-Hulud Worm Clones Emerge appeared first on SecurityWeek.
Grafana Confirms Breach After Hackers Claim They Stole Data
Grafana appears to have been targeted by Coinbase Cartel, a cybercrime group linked to ShinyHunters, Scattered Spider, and Lapsus$.
The post Grafana Confirms Breach After Hackers Claim They Stole Data appeared first on SecurityWeek.
TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code
The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards.
The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek.
SailPoint Discloses GitHub Repository Hack
The incident occurred on April 20 and did not affect customer data in the company’s production and staging environments.
The post SailPoint Discloses GitHub Repository Hack appeared first on SecurityWeek.
Ransomware Group Takes Credit for Trellix Hack
RansomHouse has published several screenshots to demonstrate access to internal Trellix services.
The post Ransomware Group Takes Credit for Trellix Hack appeared first on SecurityWeek.
Trellix Source Code Repository Breached
The cybersecurity firm’s investigation has not found any impact on its source code release or distribution process.
The post Trellix Source Code Repository Breached appeared first on SecurityWeek.
F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts
More information has come to light on the cyberattack disclosed this week by F5, including on attribution and potential risks.
The post F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts appeared first on SecurityWeek.
F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data
F5 has not shared too much information on the threat actor, but the attack profile seems to point to China.
The post F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data appeared first on SecurityWeek.
Red Hat Confirms GitLab Instance Hack, Data Theft
Hackers claim to have stolen 28,000 private repositories, including data associated with major companies that use Red Hat services.
The post Red Hat Confirms GitLab Instance Hack, Data Theft appeared first on SecurityWeek.
