[ed. Well, good luck with this one.]
A Chinese state supercomputer reportedly bled ten petabytes. Stryker was wiped across 79 countries. Lockheed Martin was hit for a reported 375 terabytes. The FBI Director’s personal inbox was dumped on the open web. The FBI’s wiretap management network was breached in a separate “major incident.” Rockstar Games was breached through a SaaS analytics vendor most people have never heard of. Cisco’s private GitHub was cloned. Oracle’s legacy cloud cracked open. The Axios npm package, downloaded a hundred million times a week, was hijacked by North Korea. Mercor, the $10 billion AI training-data vendor that sits inside the data pipelines of OpenAI, Anthropic, and Meta simultaneously, was breached through the LiteLLM open source library and had 4 terabytes extracted by Lapsus$. Honda was hit twice. The new ShinyHunters/Scattered Spider/LAPSUS$ alliance breached approximately 400 organizations and exfiltrated roughly 1.5 billion Salesforce records.
And yet, the public conversation around them has been quiet to the point of being strange. This is a curious observation more than a complaint. And the goal of what follows is to gather the events into one place, cite the publications that reported each one, and then ask, gently, why the period feels so undocumented in real time.
Every named incident below is followed by inline parenthetical citations to the publications that broke or covered it, in the same way an academic paper would.
I am not arguing that the cybersecurity community is failing. I am noting that something unusual is happening.
by Patrick Quirk, Substack | Read more:
Image: uncredited
[ed. Hmm... sounds suspicious.]
[ed. Hmm... sounds suspicious.]
