%term

Grafana and GitHub Breached: The Risk When Private Code Leaks

May 22, 2026 By Gaetan Ferry In GitGuardian

Code from GitHub and Grafana is in criminal hands. Secrets buried inside could open doors no one is thinking of protecting yet, and AI will make hunting 0-days in that private code faster than ever.

Read Post

GitGuardian

Read more about Grafana and GitHub Breached: The Risk When Private Code Leaks

[Heads Up] GitHub Breach Shows Developer Tools Are Social Engineering Targets

May 21, 2026 By KnowBe4 Team In KnowBe4

GitHub disclosed that attackers accessed its internal repositories after compromising an employee device through a poisoned Visual Studio Code extension. The company said the activity appears limited to GitHub-owned internal repositories, with the attacker’s claim of roughly 3,800 repositories being “directionally consistent” with its investigation. GitHub also said it found no evidence that customers’ own enterprises, organizations or repositories were impacted.

Read Post

KnowBe4

Read more about [Heads Up] GitHub Breach Shows Developer Tools Are Social Engineering Targets

GitHub internal repositories breached

May 20, 2026 By Sophos X-Ops In Sophos

A malicious VS Code extension led to cloned private repositories, reportedly offered for sale on a criminal forum On May 19-20, 2026, GitHub confirmed a security incident affecting its own internal systems. A threat actor self-identifying as TeamPCP, also tracked as UNC6780, compromised an employee’s developer device by way of a malicious Visual Studio Code extension and used that foothold to clone roughly 3,800 of GitHub’s internal repositories.

Read Post

Sophos

Read more about GitHub internal repositories breached

Before the Breach: Why Fast Incident Response Starts with Preparation

May 19, 2026 By Joe Knight In CISO Global

When a cyber incident occurs, every second matters. Organizations with an incident response retainer can act immediately, while others are still trying to define their response strategy.

Read Post

CISO Global

Read more about Before the Breach: Why Fast Incident Response Starts with Preparation

What We Can Learn From the MoD Data Breach Attack

May 18, 2026 By SecuritySenses In SecuritySenses

The recent Ministry of Defence (MoD) data breach has raised serious concerns about cyber security, data protection and public trust. The attack exposed the personal details of thousands of serving and former armed forces personnel, including names, bank details, addresses and National Insurance numbers. Reports suggest that hackers gained access through a third-party payroll contractor linked to the MoD.

Read Post

SecuritySenses

Read more about What We Can Learn From the MoD Data Breach Attack

The New CISO Ep. 145 - Eric O'Neill | Lessons From a Spy Hunter: The Real Cost of a Breach (Part 1)

May 14, 2026 By Exabeam In Exabeam

What does it feel like to stand in the smoking ruin of a ransomware attack? In this episode, Steve Moore is joined by former FBI undercover operative Eric O'Neill—the man who helped capture Robert Hanssen—to explain why modern cybercrime is just traditional espionage repackaged, and why the dark web has quietly become the world's third-largest economy.

View Video

Exabeam

Read more about The New CISO Ep. 145 - Eric O'Neill | Lessons From a Spy Hunter: The Real Cost of a Breach (Part 1)

UAE breach attempts, dupe ransomware, PAN-OS vulnerability & Microsoft's Phone Link attack [321]

May 13, 2026 By LimaCharlie In LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.

View Video

LimaCharlie

Read more about UAE breach attempts, dupe ransomware, PAN-OS vulnerability & Microsoft's Phone Link attack [321]

What You Need to Know about the BWH Hotels Data Breach

May 13, 2026 By IDStrong In IDStrong

BWH Hotel Group is one of the world's largest hotel networks, operating more than 4,000 hotels in over 100 countries. The company evolved from Best Western and today manages a multi-brand portfolio spanning budget to luxury hospitality. BWH Hotels' portfolio includes prominent brands such as Best Western Hotels & Resorts, WorldHotels, and Sure Hotels, serving millions of guests annually across approximately 4,300 hotels that generate more than $8.5 billion in annual revenue.

Read Post

IDStrong

Read more about What You Need to Know about the BWH Hotels Data Breach

71% of Organizations Suffered At Least One Identity Breach in the Past Year, Sophos Research Finds

May 12, 2026 By Sophos In Sophos

State of Identity Security 2026 report finds human error and poor non-human identity management are the root causes of most attacks, as agentic AI accelerates the risk.

Read Post

Sophos

Read more about 71% of Organizations Suffered At Least One Identity Breach in the Past Year, Sophos Research Finds

Teen Hackers and Cybercrime: How Online Curiosity Becomes Multi-Million Dollar Data Breaches

May 12, 2026 By Brian Hill In CISO Global

Groups behind these operations actively watch online platforms for talent. When they spot someone with advanced skills, they reach out, posing as peers and offering access to tools, techniques, and a share of the profits.

Read Post