LAPSUS is a threat actor attributed to BR, also known as LAPSUS$, DEV-0537, SLIPPY SPIDER. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does LAPSUS exploit?

LAPSUS is known to exploit 1 CVEs. View the full list on the Strobes VI threat actor profile page.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

LAPSUS

Also known as: LAPSUS$, DEV-0537, SLIPPY SPIDER, Strawberry Tempest, UNC3661, Lapsus, Slippy Spider, G1004

BRFinancial gain

Exploited CVEs

Overview

An actor group conducting large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements.

Exploited Vulnerabilities

CVE ID	Action
CVE-2019-3610	View Details