Lapsus$ stole source code from Vodafone and published it, demonstrating the gang’s operationalization and highlighting the critical need to secure source code and developer assets within zero-trust infrastructure.
Vodafone refused to pay Lapsus$ extortionists, prompting the group to publish source code and infrastructure documentation—confirming security leadership’s stance against ransom payments.