Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Israel: Extortionists posed as women online, trapped victims with intimate photos
February 14, 2025
Two men were arrested on Thursday for operating a sophisticated sexual extortion network. According to the investigation, they posed as women on social media lured victims into sending intimate photos, and then threatened to expose the images unless they paid money. The prosecution stated: “They acted systematically, cynically exploiting their victims.” David Bracha, 26, from Rishon ...
- China’s Salt Typhoon hackers continue to breach telecom firms despite US sanctions
February 13, 2025
Security researchers say the Chinese government-linked hacking group, Salt Typhoon, is continuing to compromise telecommunications providers, despite the recent sanctions imposed by the U.S. government on the group. In a report shared with TechCrunch, threat intelligence firm Recorded Future said it had observed Salt Typhoon — which the company tracks as “RedMike” — breaching five telecommunications ...
- Spyware maker caught distributing malicious Android apps for years
February 13, 2025
Italian spyware maker SIO, known to sell its products to government customers, is behind a series of malicious Android apps that masquerade as WhatsApp and other popular apps but steal private data from a target’s device, TechCrunch has exclusively learned. Late last year, a security researcher shared three Android apps with TechCrunch, claiming they were likely ...
- Upper Michigan: Cyber attack hits Sault Tribe offices
February 13, 2025
A ransomware attack that shut down gaming at all five Kewadin Casino locations also impacted other offices at an eastern Upper Peninsula tribe. The tribe made the announcement Monday and said it could be a week or more before regular operations can resume. “On Sunday morning, the Sault Ste. Marie Tribe of Chippewa Indians suffered a ...
- US, UK crack down on Russian bulletproof hosting service ZServers for LockBit partnership
February 12, 2025
Russia-based bulletproof hosting services provider (BPH) ZServers has been sanctioned by the United States, Australia, and the United Kingdom for its alleged involvement with the LockBit ransomware group. In a press release, the Australian Federal Police (AFP) said ZServers was providing services to threat actors responsible for the Medibank Private breach that happened in October 2022. ...
- Huge cyber attack under way – 2.8 million IPs being used to target VPN devices
February 10, 2025
A wide range of Virtual Private Network (VPN) and other networking devices are currently under attack by threat actors trying to break in to wider networks, experts have warned. Threat monitoring platform The Shadowserver Foundation warned about the ongoing attack on X, noting someone is currently using roughly 2.8 million different IP addresses to try and ...