Scattered Lapsus$ Hunters — Threat Actor Profile, Campaigns & Targets

Threat entity extracted from intelligence sources

Frequency
12
occurrences
First Seen
November 6, 2025
Last Seen
May 29, 2026

Scattered Lapsus$ Hunters is a apt_group tracked across 15 threat clusters and 12 intelligence report mentions on ThreatCluster. First observed November 6, 2025; most recent activity May 29, 2026.

Related Threat Clusters

  • The Com: Cybercrime Ecosystem Fuels Violence and Exploitation

    The Com, a decentralized criminal ecosystem, has emerged as a significant threat, combining cybercrime, exploitation of minors, and real-world violence. This group primarily targets cloud and SaaS platforms, with…

    2 articles · Updated May 29, 2026
  • DragonForce Emerges as Conti-Linked Ransomware Cartel

    DragonForce, a new ransomware operation derived from Conti's leaked source code, has emerged with a cartel-like structure. The group retains Conti's core encryption and network-spreading capabilities while recruiting…

    2 articles · Updated November 6, 2025
  • Rise of AI-Driven Scams Targeting UK SMEs

    UK small and medium-sized enterprises (SMEs) are increasingly vulnerable to sophisticated AI-driven scams, as highlighted by recent reports. The emergence of 'AI scams 2.0' combines traditional social engineering…

    704 articles · Updated March 12, 2026
  • Gainsight Apps Breach Exposes Data of Over 200 Salesforce Customers

    A significant supply chain attack has compromised Salesforce-stored data from more than 200 companies through applications published by Gainsight. Salesforce confirmed unauthorized access to customer data and is…

    30 articles · Updated November 23, 2025
  • Ex-Data Analyst Convicted in $2.5M Extortion Scheme Against Brightly Software

    Cameron Curry, a 27-year-old former data analyst contractor for Brightly Software, was found guilty of extorting the company for $2.5 million after stealing sensitive employee data. Utilizing his authorized access,…

    2 articles · Updated March 21, 2026
  • Medusa and DragonForce Ransomware Exploit RMM Tools in 2025 UK Attacks

    In 2025, ransomware groups Medusa and DragonForce targeted UK organizations by exploiting three critical vulnerabilities in the SimpleHelp Remote Monitoring and Management platform. These vulnerabilities…

    9 articles · Updated November 11, 2025
  • Teenagers Plead Not Guilty in TfL Cyber Attack Case

    Two teenagers, Thalha Jubair and Owen Flowers, have pleaded not guilty to charges related to a cyber attack on Transport for London (TfL) that resulted in significant financial losses. The attack, attributed to the…

    14 articles · Updated November 21, 2025
  • Adidas Investigates Third-Party Data Breach Involving Partner Company

    Adidas is investigating a data breach involving one of its independent licensing partners, which is a distributor for martial arts products. Digital thieves have claimed to have stolen sensitive information and…

    9 articles · Updated February 18, 2026
  • Data Breach Affects Over 200 Companies via Gainsight Integration with Salesforce

    Hackers compromised Salesforce-stored data from more than 200 companies through a supply chain attack involving Gainsight applications. Google confirmed the breach, stating that unauthorized access to customer data was…

    44 articles · Updated November 27, 2025
  • Teens Plead Not Guilty in TfL Cyber Attack Case

    Two teenagers, Thalha Jubair, 19, and Owen Flowers, 18, have pleaded not guilty to charges related to a cyber attack on Transport for London (TfL) that occurred in August 2024. The attack reportedly caused a £39 million…

    14 articles · Updated November 22, 2025

Recent Intelligence Reports

  • 'The Com' Cyberattacks Support Violence & Sexploitation — Darkreading · May 29, 2026
  • Voice phishing skyrockets as smooth crims talk their way in — Theregister · March 23, 2026
  • Ex-Data Analyst Convicted in $2.5M Brightly Software Extortion Scheme — Technadu · March 21, 2026
  • Adidas investigates third — Theregister · February 18, 2026
  • Resecurity lures attackers into honeypot after hack claim — Techzine.Eu · January 5, 2026
  • Hackers claim to hack Resecurity, firm says it was a honeypot — Bleepingcomputer · January 3, 2026
  • PayPal Subscription Scam: Fake Purchase Emails Evade Security Filters — Technadu · December 15, 2025
  • CrowdStrike Fires Employee for Leaking Internal System Info to Hackers — Gbhackers · November 22, 2025

CVSS v3.1 Breakdown