Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Organization hit by network compromise

Incident
First reported
Last updated
Happening score
H score 13
1 unique sources, 1 articles

Summary

Hide ▲

A Target employee workstation was compromised by infostealer malware in late September 2025, raising the risk of internal credential exposure. The infected device reportedly had access to IAM, Confluence, wiki, and Jira, making the compromise operationally significant. The infection has not been confirmed as the source of the repositories later advertised for sale, so the broader connection remains unproven.

Related Happenings

GitHub hit by network compromise

Incident
First: 20.05.2026 07:01 Last: 20.05.2026 07:01 Sources 1

About this happening: GitHub is investigating unauthorized access to its internal repositories after a third party allegedly offered stolen material for sale on a cybercrime forum. The intrusion was li...

Latest development: 20.05.2026 13:45

GitHub detected unauthorized access tied to a poisoned Visual Studio Code (VS Code) extension on an employee device, removed the malicious extension version, isolated the endpoint, and began incident response to contain exposure across internal repositories.

Open Happening

Lumma Stealer infection of a Context.ai employee

Malware Activity
First: 23.04.2026 11:40 Last: 23.04.2026 11:40 Sources 1

About this happening: A **Context.ai** employee was infected with **Lumma Stealer** in **February 2026**, giving attackers a likely foothold that may have seeded the wider compromise chain affecting **...

Open Happening

Stryker hit by network compromise

Incident
First: 11.03.2026 18:20 Last: 11.03.2026 18:20 Sources 1

About this happening: Stryker suffered a destructive network compromise attributed to Handala/Handala Hack Team, with reporting describing data deletion and widespread device wiping. Early coverage fra...

Latest development: 28.03.2026 17:40

Handala Hack is tied to a destructive compromise of Stryker in which company data was deleted and thousands of employee devices were wiped. Stryker later said the incident was contained after it regained access, removed the unauthorized party from its environment, and noted that the breach was confined to its internal Microsoft environment.

Open Happening

Victim organization's AWS environment hit by data theft breach

Incident
First: 11.03.2026 09:31 Last: 11.03.2026 09:31 Sources 1

About this happening: **UNC6426** breached a victim organization's **AWS environment** and escalated to **administrator access** in **less than 72 hours**, creating immediate risk of **data theft** and...

Open Happening

LexisNexis Legal & Professional hit by network compromise

Incident
First: 03.03.2026 17:40 Last: 03.03.2026 17:40 Sources 1

About this happening: **LexisNexis Legal & Professional** confirmed a **server breach** after an **unauthorized party accessed a limited number of servers**, creating risk that internal customer and bu...

Open Happening

Timeline

  1. 13.01.2026 15:08 1 articles · 4mo ago

    Organization hit by network compromise

    Initial Disclosure

    A **Target employee workstation** was found to be compromised by **infostealer malware** in **late September 2025**. The device had access to **IAM, Confluence, wiki, and Jira**, making the compromise unusually sensitive.

    Show sources
    Open in new tab
  2. 13.01.2026 15:08 1 articles · 4mo ago

    Target restricts git.target.com to managed network access

    Mitigation Patch Update

    Target changed access to git.target.com, its on-prem GitHub Enterprise Server for internal development, so employees now need a Target-managed network on-site or via VPN effective January 9th, 2026. The accelerated change aligned access to how Target handles GitHub.com and locked down public access to the proprietary source code environment.

    Show sources
    Open in new tab