BreachesApr 9, 2026
‼️🇺🇸 Threat actor claims to be selling Cisco source code and database containing 3.15 million S...
Threat actor claims to be selling stolen Cisco source code and 3.15M Salesforce records for $500K.
Summary
A threat actor allegedly affiliated with UNC6040/ShinyHunters is offering to sell stolen Cisco proprietary source code (IOS, ASA, NX-OS) and a database containing 3.15 million Salesforce records for $500,000. The breach represents a significant supply-chain and intellectual property threat, exposing core network infrastructure code and sensitive customer data. The asking price and seller claims suggest an attempt to monetize the theft through direct sale or auction.
Indicators of Compromise
- malware — UNC6040
Entities
Cisco (vendor)Salesforce (vendor)Cisco IOS (product)Cisco ASA (product)Cisco NX-OS (product)UNC6040/ShinyHunters (threat_actor)