ShinyHunters Breaches Cisco, Compromising Source Code and Sensitive Data

Severity: High (Score: 68.0)

Sources: Reddit, Cybersecuritynews

Summary

The cybercriminal group ShinyHunters has claimed responsibility for multiple data breaches at Cisco Systems, reportedly compromising over 3 million Salesforce records containing personally identifiable information (PII), GitHub repositories, AWS S3 buckets, and other sensitive corporate data. The breaches were executed using credentials stolen during a recent Trivy supply-chain attack, which allowed the attackers to infiltrate Cisco's internal development environment. Security researcher Dominic Alvieri reported the details on ShinyHunters' data leak site, indicating a significant scope of impact, including the cloning of over 300 repositories. The breaches are under investigation, with Cisco likely assessing the full extent of the compromise and potential remediation steps.

Key Points:

  • ShinyHunters claims responsibility for Cisco data breaches affecting over 3 million records.
  • Attackers exploited stolen credentials from a Trivy supply-chain compromise.
  • More than 300 GitHub repositories and AWS S3 buckets were reportedly accessed.

Key Entities

  • ShinyHunters (apt_group)
  • Data Breach (attack_type)
  • Supply Chain Attack (attack_type)
  • Cisco (company)
  • Salesforce (company)
  • T1078 - Valid Accounts (mitre_attack)
  • T1195 - Supply Chain Compromise (mitre_attack)
  • T1567 - Exfiltration Over Web Service (mitre_attack)
  • AWS S3 (platform)
  • GitHub (platform)
  • Trivy (tool)