Undisclosed U.S. government agency (reported as “Department of Government Efficiency”)
May 8, 2025
•[ infostealer, malware, credential leak ]
Ars Technica reports a government software engineers workstation was infected with info-stealing malware, with login credentials appearing in multiple stealer-log dumps since 2023; investigation centers on credential exposure rather than confirmed enterprise compromise.
Pearson plc
January 1, 2025
•[ data leak, source code leak, credential leak ]
Threat actors used an exposed GitLab PAT to access source code and cloud credentials, stealing terabytes of corporate and customer data over months.
