:

CHECKMARX CONFIRMS LAPSUS$ LEAKED STOLEN GITHUB DATA

DEV DESK1 MIN READ
TUE, APR 28, 2026

■ AI-SUMMARIZED FROM 2 SOURCES ▸ TIMELINE

Application security firm Checkmarx has confirmed that the LAPSUS$ threat group leaked sensitive data stolen from its private GitHub repository. The breach exposes internal code and development assets.

Checkmarx disclosed the data leak after LAPSUS$ published stolen materials online. The threat group, known for high-profile breaches targeting major tech and financial firms, accessed the company's private GitHub repositories containing proprietary source code and security tools. The incident marks another successful attack against a cybersecurity vendor, a pattern LAPSUS$ has demonstrated repeatedly. The group typically combines theft with extortion, threatening to release data unless ransom demands are met. Checkmarx has not disclosed the full scope of compromised data or confirmed ransom demands. The company has begun notifying affected customers and partners. Separately, GitHub announced it will begin charging Copilot users based on actual AI usage rather than flat-rate subscriptions, citing escalating inference costs from heavy users. The pricing shift reflects growing demand for AI coding tools and the computational expenses required to support them at scale.

■ SOURCES

Bleeping ComputerArs Technica

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Surveillance technology company Flock Safety did not issue a cease-and-desist letter to The Saturday Salon, a Newport Beach lecture series, despite claims posted on Instagram Thursday. The incident reignites debate over the company's practices and relationship with law enforcement.

3H AGOSecurity Desk

The US Cybersecurity and Infrastructure Security Agency revealed it lacked a prepared incident response plan during a recent security event, forcing it to develop procedures in real time.

3H AGOSecurity Desk

Research reveals that terrorist group Boko Haram is leveraging advanced AI technologies to enhance operational capabilities. A new report documents how the organization has integrated frontier AI systems into recruitment, planning, and execution efforts.

5H AGOAI Desk

Researchers have discovered six vulnerabilities in U-Boot, a bootloader used across millions of devices, that could allow attackers to execute malicious code during device startup. The flaws could enable persistent malware installation while bypassing security protections.

5H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.