CHECKMARX CONFIRMS LAPSUS$ LEAKED STOLEN GITHUB DATA
■ AI-SUMMARIZED FROM 2 SOURCES ▸ TIMELINE
Application security firm Checkmarx has confirmed that the LAPSUS$ threat group leaked sensitive data stolen from its private GitHub repository. The breach exposes internal code and development assets.
■ MORE FROM THE SECURITY DESK
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.