Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers are using fake Chrome, Word and OneDrive errors to trick people into installing malware
June 17, 2024
Proofpoint has observed an increase in a technique leveraging unique social engineering that directs users to copy and paste malicious PowerShell scripts to infect their computers with malware. Threat actors including initial access broker TA571 and at least one fake update activity set are using this method to deliver malware including DarkGate, Matanbuchus, NetSupport, and various ...
- Keytronic confirms data breach after Black Basta ransomware gang strikes again
June 17, 2024
Hardware firm Keytronic has confirmed a significant data breach weeks after the Black Basta ransomware group leaked over 500GB of the company’s stolen data around two weeks ago. The company, known for its printed circuit board assembly (PCBA), reported the cyberattack in an SEC filing over a month ago on May 6 – the attack was ...
- Malvertising Campaign Leads to Execution of Oyster Backdoor
June 17, 2024
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams. The installers were being used to drop a backdoor identified as Oyster, aka Broomstick. Following execution of the backdoor, we have observed enumeration commands indicative of hands-on-keyboard activity as well as the ...
- Philippines Maritime Industry Authority web-based systems hit by cyber attack
June 17, 2024
Four web-based systems belonging to the Maritime Industry Authority (MARINA) were “attacked and compromised” on Sunday, MARINA said Monday. MARINA said it deployed its concerned officials and employees to its Central Office to “to implement expeditious measure to ensure the protection of the integrity of the systems.” Read more… Source: MSN News Sign up for our Newsletter Related:
- Cleveland City Hall to remain closed after ransomware attack
June 15, 2024
City officials have confirmed the “cyber incident” that has hamstrung city operations for days to be a ransomware attack. In such attacks, malicious software effectively locks up a computer or network system, preventing access until users pay a ransom, according to the FBI. Read more… Source: MSN News Sign up for our Newsletter Related:
- London Hospitals Knew of Cyber Vulnerabilities Years Before Hack
June 14, 2024
A group of London hospitals struggling to contain the fallout from a cyberattack against a critical supplier had known for years about weaknesses that left them vulnerable to hacks, according to documents reviewed by Bloomberg News. The Guy’s and St Thomas’ NHS Foundation Trust, which runs five major hospitals in the London area, has failed to ...