source code - Security Ticks

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack

Data Breaches, Grafana, Mini Shai-Hulud, source code, supply chain attack, Supply Chain Security, TanStack / SecurityTicks

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack 2026-05-22 at 10:53 By Ionut Arghire Hackers accessed Grafana’s GitHub repositories after a token compromised in the TanStack attack was not rotated. The post Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack appeared first on SecurityWeek. This article is […]

Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack Read More »

First Shai-Hulud Worm Clones Emerge

Malware, Malware & Threats, Shai-Hulud, source code, worm / SecurityTicks

First Shai-Hulud Worm Clones Emerge 2026-05-18 at 12:57 By Ionut Arghire At least one threat actor has adopted the recently released malware source code in attacks against NPM developers. The post First Shai-Hulud Worm Clones Emerge appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

First Shai-Hulud Worm Clones Emerge Read More »

Grafana Confirms Breach After Hackers Claim They Stole Data

cybercrime, data breach, Data Breaches, Grafana, ShinyHunters, source code / SecurityTicks

Grafana Confirms Breach After Hackers Claim They Stole Data 2026-05-18 at 12:08 By Eduard Kovacs Grafana appears to have been targeted by Coinbase Cartel, a cybercrime group linked to ShinyHunters, Scattered Spider, and Lapsus$. The post Grafana Confirms Breach After Hackers Claim They Stole Data appeared first on SecurityWeek. This article is an excerpt from

Grafana Confirms Breach After Hackers Claim They Stole Data Read More »

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

Malware, Malware & Threats, Shai-Hulud, source code, Supply Chain Security, TeamPCP, worm / SecurityTicks

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code 2026-05-15 at 14:32 By Ionut Arghire The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code Read More »

SailPoint Discloses GitHub Repository Hack

Data Breaches, Repository, SailPoint, source code / SecurityTicks

SailPoint Discloses GitHub Repository Hack 2026-05-11 at 13:57 By Ionut Arghire The incident occurred on April 20 and did not affect customer data in the company’s production and staging environments. The post SailPoint Discloses GitHub Repository Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SailPoint Discloses GitHub Repository Hack Read More »

Ransomware Group Takes Credit for Trellix Hack

data breach, Data Breaches, RansomHouse, Ransomware, source code, Trellix / SecurityTicks

Ransomware Group Takes Credit for Trellix Hack 2026-05-08 at 15:37 By Eduard Kovacs RansomHouse has published several screenshots to demonstrate access to internal Trellix services. The post Ransomware Group Takes Credit for Trellix Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ransomware Group Takes Credit for Trellix Hack Read More »

Trellix Source Code Repository Breached

data breach, Data Breaches, security company hacked, source code, Trellix / SecurityTicks

Trellix Source Code Repository Breached 2026-05-04 at 21:07 By Eduard Kovacs The cybersecurity firm’s investigation has not found any impact on its source code release or distribution process. The post Trellix Source Code Repository Breached appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Trellix Source Code Repository Breached Read More »

F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts

Big-IP, China, China APT, Data Breaches, F5, Featured, Nation-State, source code / SecurityTicks

F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts 2025-10-16 at 12:58 By Eduard Kovacs More information has come to light on the cyberattack disclosed this week by F5, including on attribution and potential risks. The post F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts appeared first on

F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts Read More »

F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info

CrowdStrike, data breach, data theft, Don't miss, F5 Networks, Hot stuff, IOActive, Mandiant, NCC Group, NCSC, networking, News, source code / SecurityTicks

F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info 2025-10-15 at 18:39 By Zeljka Zorz US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security products, the company confirmed today. BIG-IP vulnerabilities are often

F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info Read More »

F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data

Big-IP, China, Data Breaches, data theft, F5, Featured, Nation-State, source code / SecurityTicks

F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data 2025-10-15 at 18:18 By Eduard Kovacs F5 has not shared too much information on the threat actor, but the attack profile seems to point to China. The post F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data appeared first on

F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data Read More »

Red Hat Confirms GitLab Instance Hack, Data Theft

Crimson Collective, data breach, Data Breaches, Featured, GitLab, Red Hat, source code / SecurityTicks

Red Hat Confirms GitLab Instance Hack, Data Theft 2025-10-03 at 10:15 By Eduard Kovacs Hackers claim to have stolen 28,000 private repositories, including data associated with major companies that use Red Hat services. The post Red Hat Confirms GitLab Instance Hack, Data Theft appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Red Hat Confirms GitLab Instance Hack, Data Theft Read More »

GitHub Announces General Availability of Security Campaigns

Application Security, GitHub, security campaigns, source code / SecurityTicks

GitHub Announces General Availability of Security Campaigns 2025-04-10 at 14:21 By Eduard Kovacs GitHub security campaigns make it easier for developers and security teams to collaborate on fixing vulnerabilities in their applications. The post GitHub Announces General Availability of Security Campaigns appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

GitHub Announces General Availability of Security Campaigns Read More »

39 Million Secrets Leaked on GitHub in 2024

Data Protection, GitHub, secrets scanning, secrets sprawl, source code / SecurityTicks

39 Million Secrets Leaked on GitHub in 2024 2025-04-03 at 14:01 By Ionut Arghire GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected. The post 39 Million Secrets Leaked on GitHub in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

39 Million Secrets Leaked on GitHub in 2024 Read More »

US, Allies Warn of Memory Unsafety Risks in Open Source Software

Application Security, CISA, guidance, open source, source code / SecurityTicks

US, Allies Warn of Memory Unsafety Risks in Open Source Software 2024-06-27 at 17:01 By Ionut Arghire Most critical open source software contains code written in a memory unsafe language, US, Australian, and Canadian government agencies warn. The post US, Allies Warn of Memory Unsafety Risks in Open Source Software appeared first on SecurityWeek. This

US, Allies Warn of Memory Unsafety Risks in Open Source Software Read More »

‘Phantom’ Source Code Secrets Haunt Major Organizations

Application Security, Data leak, source code / SecurityTicks

‘Phantom’ Source Code Secrets Haunt Major Organizations 2024-06-27 at 13:01 By Ionut Arghire Aqua Security shows that code in repositories remains accessible even after being deleted or overwritten, continuing to leak secrets. The post ‘Phantom’ Source Code Secrets Haunt Major Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

‘Phantom’ Source Code Secrets Haunt Major Organizations Read More »

New York Times Responds to Source Code Leak

data breach, Data Breaches, Data leak, source code / SecurityTicks

New York Times Responds to Source Code Leak 2024-06-10 at 16:31 By Eduard Kovacs The New York Times has issued a statement after someone leaked source code allegedly belonging to the news giant. The post New York Times Responds to Source Code Leak appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

New York Times Responds to Source Code Leak Read More »

Leaked GitHub Token Exposed Mercedes Source Code

Data Breaches, Data leak, source code / SecurityTicks

Leaked GitHub Token Exposed Mercedes Source Code 2024-01-31 at 15:47 By Ionut Arghire A leaked token provided unrestricted access to the entire source code on Mercedes-Benz’s GitHub Enterprise server. The post Leaked GitHub Token Exposed Mercedes Source Code appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Leaked GitHub Token Exposed Mercedes Source Code Read More »

Thousands of Popular Websites Leaking Secrets

Application Security, Data Protection, secrets scanning, source code / SecurityTicks

Thousands of Popular Websites Leaking Secrets 06/09/2023 at 18:16 By Ionut Arghire Truffle Security has discovered thousands of popular websites leaking their secrets, including .git directories and AWS and GitHub keys. The post Thousands of Popular Websites Leaking Secrets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer

Malware, Malware & Threats, source code / SecurityTicks

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer 01/09/2023 at 14:04 By Ionut Arghire Cisco has observed multiple threat actors adopting the SapphireStealer information stealer after its source code was released on GitHub. The post Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer appeared first on SecurityWeek. This article is an excerpt from

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer Read More »

BlackLotus UEFI Bootkit Source Code Leaked on GitHub

BlackLotus, bootkit, leak, Malware & Threats, source code / SecurityTicks

BlackLotus UEFI Bootkit Source Code Leaked on GitHub 13/07/2023 at 19:31 By Ionut Arghire The source code for the BlackLotus UEFI bootkit has been leaked on GitHub and an expert has issued a warning over the risks. The post BlackLotus UEFI Bootkit Source Code Leaked on GitHub appeared first on SecurityWeek. This article is an

BlackLotus UEFI Bootkit Source Code Leaked on GitHub Read More »