The Threat CodexFeb 4
A Technical and Ethical Post-Mortem of the Feb 2026 Harvard University ShinyHunters Data Breach
#ScatteredLapsus$Hunters
https://www.infostealers.com/article/a-technical-and-ethical-post-mortem-of-the-feb-2026-harvard-university-shinyhunters-data-breach/
A Technical and Ethical Post-Mortem of the Feb 2026 Harvard University ShinyHunters Data Breach

On February 4, 2026, the cybersecurity landscape of higher education was fundamentally altered. A breach attributed to the cybercriminal syndicate ShinyHunters - operating as part of the "Scattered LAPSUS$ Hunters" collective - exposed approximately 115,000 sensitive records from Harvard University’s Alumni Affairs and Development (AAD) department.

InfoStealers
The Threat CodexFeb 3
Harassment, Scare Tactics, & Why Victims Should Never Pay ShinyHunters
#TheCom #ShinyHunters #ScatteredLapsus$Hunters #SCATTEREDSPIDER
https://blog.unit221b.com/dont-read-this-blog/harassment-scare-tactics-why-victims-should-never-pay-shinyhunters
Harassment, Scare Tactics, & Why Victims Should Never Pay ShinyHunters

ShinyHunters uses fear and coercion to pressure victims into paying ransoms. This research explains why compliance only fuels further extortion.

The Threat CodexJan 4
Hackers claim to hack Resecurity, firm says it was a honeypot
#ScatteredLapsus$Hunters #Resecurity
https://www.bleepingcomputer.com/news/security/hackers-claim-resecurity-hack-firm-says-it-was-a-honeypot/
Hackers claim to hack Resecurity, firm says it was a honeypot

The ShinyHunters hacking group claims it breached the systems of cybersecurity firm Resecurity and stole internal data, while Resecurity says the attackers only accessed a deliberately deployed honeypot containing fake information used to monitor their activity.

BleepingComputer
KrebsOnSecurity RSSNov 26

Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’

https://krebsonsecurity.com/2025/11/meet-rey-the-admin-of-scattered-lapsus-hunters/

#U.S.CentersforDiseaseControlandPrevention #ScatteredLAPSUS$Hunters #cybero5tdev@proton.me #Ne'er-Do-WellNews #SchneiderElectric #Cyb3rDrag0nzTeam #SaifAl-DinKhader #ALittleSunshine #ScatteredSpider #OrangeRomania #BreachForums #ShinyHunters #Breadcrumbs #CrowdStrike #Disney/Hulu #SentinelOne #ShinySp1d3r #Ransomware #Flashpoint #Hikki-Chan #Telefonica #o5tdev

Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on Security

Dissent Doe  Nov 21

CrowdStrike catches insider feeding information to ScatteredLapsus$Hunters

Sergiu Gatlan reports:

American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors.

However, the company noted that its systems were not breached as a result of this incident and that customers' data was not compromised.

"We identified and terminated a suspicious insider last month following an internal investigation that determined he shared pictures of his computer screen externally," a CrowdStrike spokesperson told BleepingComputer today.

Read more at Bleeping Computer: https://www.bleepingcomputer.com/news/security/crowdstrike-catches-insider-feeding-information-to-hackers/

#insiderthreat #crowdstrike #scatteredlapsus$hunters

CrowdStrike catches insider feeding information to hackers

American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors.

BleepingComputer
The Threat CodexOct 22
The Golden Scale: Notable Threat Updates and Looking Ahead
#BlingLibra #ScatteredLapsus$Hunters
https://unit42.paloaltonetworks.com/scattered-lapsus-hunters-updates/
The Golden Scale: Notable Threat Updates and Looking Ahead

Unit 42 shares notable developments of cybercrime group Scattered LAPSUS$ Hunters. Learn how this group may operate in the future.

Unit 42
Bob CarverOct 18
Notorious hacker group doxxes ICE and FBI officials in leak | Mashable https://mashable.com/article/hacker-group-doxxes-ice-fbi-doj-agents #cybersecurity #ScatteredLAPSUS$Hunters #ICE #DHS #FBI #doxxed #breach
The Threat CodexOct 18
Scattered LAPSUS$ Hunters: 2025's Most Dangerous Cybercrime Supergroup
#ScatteredLapsus$Hunters
https://www.picussecurity.com/resource/blog/scattered-lapsus-hunters-2025s-most-dangerous-cybercrime-supergroup
Scattered LAPSUS$ Hunters: 2025's Most Dangerous Cybercrime Supergroup

Scattered Lapsus$ Hunters combine the tactics of Scattered Spider, LAPSUS$, and ShinyHunters. Picus explains how this cybercrime supergroup operates in detail.

Bob CarverOct 14
Domains used by notorious hacking group ShinyHunters for Salesforce hacks disrupted in FBI takedown | TechRadar https://www.techradar.com/pro/security/domains-used-by-notorious-hacking-group-shinyhunters-disrupted-in-fbi-takedown #cybersecurity #ShinyHunters #ScatteredLapsus$Hunters #domains #seized #Saleforce #Salesloft
Domains used by notorious hacking group ShinyHunters for Salesforce hacks disrupted in FBI takedown

Two domains were seized, but one returned quickly

TechRadar
PrivacyDigestOct 9

#Salesforce says it won’t pay #extortion demand in 1 billion records #breach

The threat group behind the campaign is calling itself #ScatteredLAPSUS$ Hunters, a mashup of three prolific data-extortion actors: #ScatteredSpider , #LAPSuS$ , and #ShinyHunters. #Mandiant, meanwhile, tracks the group as #UNC6040, because the researchers so far have been unable to positively identify the connections.
#privacy #security

https://arstechnica.com/security/2025/10/salesforce-says-it-wont-pay-extortion-demand-in-1-billion-records-breach/

Salesforce says it won’t pay extortion demand in 1 billion records breach

Scattered LAPSUS$ Hunters gave Salesforce until Friday to pay or else.

Ars Technica