Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- The evolution of Dark Caracal tools: analysis of a campaign featuring Poco RAT
February 28, 2025
In early 2024, analysts at the Positive Technologies Expert Security Center (PT ESC) discovered a malicious sample. The cybersecurity community named it Poco RAT after the POCO libraries in its C++ codebase. At the time of its discovery, the sample had not been linked to any known threat group. The malware came loaded with a full ...
- Cyber Attack Keeps Cleveland Municipal Court Offline
February 28, 2025
Cleveland Municipal Court will remain closed Thursday, four days after officials announced a cyber attack against the court. The court has been closed since Monday. All internal systems and software, including the court’s website, have been shut down and will remain offline as authorities work to figure out what happened and the best time to restore ...
- JavaGhost’s Persistent Phishing Attacks From the Cloud
February 28, 2025
Unit 42 researchers have observed phishing activity that we track as TGR-UNK-0011. They assess with high confidence that this cluster overlaps with the threat actor group JavaGhost. The threat actor group JavaGhost has been active for over five years and continues to target cloud environments to send out phishing campaigns to unsuspecting targets. According to website ...
- UK: Cyber-attack sparks security fears over NHS provider’s data
February 28, 2025
The private healthcare group that will soon take charge of Swindon community care services has been hit by a cyber-attack. HCRG Care Group recently won the contract to provide care-at-home services in the Swindon area, which was previously managed by the trust in charge of Great Western Hospital, as well as other parts of Wiltshire. The company ...
- PayPal’s “no-code checkout” abused by scammers
February 27, 2025
Malwarebytes Labs recently identified a new scam targeting PayPal customers with very convincing ads and pages. Crooks are abusing both Google and PayPal’s infrastructure in order to trick victims calling for assistance to speak with fraudsters instead. Combining official-looking Google search ads with specially-crafted PayPal pay links, makes this scheme particularly dangerous on mobile devices due ...
- Global hacker arrested in Thailand in joint operation of Singapore and Thai police
February 27, 2025
The Singapore Police Force (‘SPF’) collaborated with the Royal Thai Police (‘RTP’) on a cross-border operation against a hacker believed to be responsible for a series of international data breaches, leading to the arrest of a 39-year-old man on 26 February 2025 in Thailand. Investigations into the data breaches began in 2020, following reports filed by ...