Threat Actors

Cybersecurity
TeamPCP Claims Breach of 4,000 GitHub Private Repositories
The hacker group TeamPCP claims unauthorized access to ~4,000 GitHub private repositories and is demanding a $50,000 ransom for the stolen source code.
Cybersecurity
Microsoft Disrupts Fox Tempest Malware-Signing Service
Microsoft seized Fox Tempest's signspace.cloud domain and revoked over 1,000 fraudulent code-signing certificates used by ransomware groups and infostealers.
Cybersecurity
Storm-2949 Abuses Azure Password Reset to Seize Cloud Accounts
Microsoft tracks Storm-2949, a threat actor using SSPR social engineering to hijack Azure accounts without malware and extract Key Vault secrets and M365 data.
Cybersecurity
Grafana Breach Traced to TanStack npm Supply Chain Attack
Grafana revealed the source code breach that exposed its GitHub repositories originated from a TanStack npm package poisoned by the TeamPCP threat actor.
Cybersecurity
Ghostwriter APT Deploys Cobalt Strike in Geofenced Ukraine Campaign
ESET documented a Ghostwriter spear-phishing campaign using geofenced PDFs to deliver Cobalt Strike against Ukrainian and Polish government targets since March 2026.
Cybersecurity
CoinbaseCartel Steals Grafana Source Code via GitHub Token
Grafana Labs confirmed CoinbaseCartel stole its source code via a stolen GitHub token; the group has links to ShinyHunters; no customer data was affected.
Application Security
Leaked Shai-Hulud Code Fuels npm Infostealer Wave Targeting Devs
Shai-Hulud malware source code fueled a wave of poisoned npm packages in the @antv ecosystem, including echarts-for-react with 1.1 million weekly downloads.
Cybersecurity
INTERPOL Operation Ramz: 201 Arrests in 13-Nation MENA Sweep
INTERPOL Operation Ramz arrested 201 suspects and seized 53 servers across 13 MENA countries in a five-month cybercrime crackdown concluding February 2026.
Cybersecurity
ShinyHunters Claims 600,000-Record 7-Eleven Salesforce Breach
ShinyHunters claimed and 7-Eleven confirmed a breach of its Salesforce CRM containing over 600,000 records, with a ransom demand issued to the retail chain.
Application Security
FamousSparrow APT Hit Azerbaijani Energy Firm in Three Waves
Bitdefender researchers documented three consecutive FamousSparrow intrusions against an Azerbaijani oil and gas firm between December 2025 and February 2026.