Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups
June 11, 2024
Since 2022, Trend Micro researchers have been investigating numerous targeted attacks in the Asia-Pacific region that used the same ELF backdoor. Most vendors identify this backdoor as a variant of existing malware such as Gh0st RAT or Rekoobe. However, Trend Micro unearthed the truth: this backdoor is not merely a variant of existing malware, but is ...
- City of Helsinki’s suffers data breach
June 11, 2024
It remains unclear whether the perpetrator behind a massive data breach of the City of Helsinki has tried to benefit from the crime, according to the City. Detected in April, the hack resulted in the leak of tens of millions of files from the city’s internal network. The stolen files included the personal data of up ...
- Singaporean businesses targeted by Akira ransomware
June 10, 2024
Akira – a ransomware hacker group -that extorted $42 million from over 250 organizations across North America, Europe, and Australia within a year, is now actively targeting businesses in Singapore, according to a joint advisory issued by Singaporean authorities. The Cyber Security Agency of Singapore (CSA), the Singapore Police Force, and the Personal Data Protection Commission ...
- Bypassing 2FA with phishing and OTP bots
June 10, 2024
Two-factor authentication (2FA) is a security feature we have come to expect as standard by 2024. Most of today’s websites offer some form of it, and some of them won’t even let you use their service until you enable 2FA. Individual countries have adopted laws that require certain types of organizations to protect users’ accounts ...
- Thousands detained as Thailand ramps up cybercrime suppression campaign
June 10, 2024
The Ministry of Digital Economy and Society (MDES) is intensifying its efforts to combat cybercrime. It reported a significant increase in access blocks to gambling websites and the closure of millions of suspicious mobile lines last month. The Ministry of Digital Economy and Society (MDES) has been taking strong measures to combat cybercrime, particularly in the ...
- Major data breach at Philippines Agricultural Credit Policy Council (ACPC) exposes sensitive information
June 9, 2024
The Agricultural Credit Policy Council (ACPC) has been hacked, exposing sensitive data and raising concerns about government agency security. Ph1ns, a hacker who gained unauthorized access to the ACPC’s internal systems, revealed the breach. The hacker was also responsible for several hack attacks on government agencies, including the DOST and the PNP. Read more… Source: Manila Bulletin Sign up ...