Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom

The open source project said hackers stole its codebase and threatened to publish its source code if the company did not pay.
Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
NDTV Profit on MSN

GitHub investigates major cyberattack amid claims of stolen source code sale

GitHub is investigating a major cyberattack after hackers allegedly accessed internal systems using stolen tokens and put ...

Grafana Rejects Ransom Demand After GitHub Breach Exposes Codebase Theft

Grafana refused an extortion demand after attackers used a stolen GitHub token to download code, with no customer data ...

OpenBSD 7.9: Mythos bug fixed, more partitions and security

OpenBSD 7.9 is the 60th release of the open-source operating system and brings many improvements in security and networking.
Silicon Republic

Hackers access GitHub, download codebase in Grafana Labs breach

The recent Grafana labs hack has been confirmed by the organisation, with the company refusing to comply with ransom demands.
WLRN

The rise and fall of an AI-driven ‘local news outlet’ in South Florida

South Florida journalist Sofia Delgado was having a great year. Reporters at the news outlet she helped launch a few months ago, the South Florida Standard, had been regularly publishing three stories ...
WeLiveSecurity

Webworm: New burrowing techniques

EchoCreep, which uses Discord for C&C communication, and GraphWorm, which uses Microsoft Graph API for the same purpose. The ...
Tech Times

Grafana Labs’ GitHub Token Stolen via CI/CD Flaw: Codebase Gone, Ransom Refused

Grafana Labs, whose observability dashboards run inside the infrastructure of more than 7,000 organizations worldwide — ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
Infosecurity Magazine

GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...