Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Threat landscape for industrial automation systems, Q1 2024
May 27, 2024
In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Building automation has historically led the surveyed industries in terms of the percentage of ICS computers ...
- Data breach at medical giant Cencora exposes info from multiple drug companies
May 27, 2024
Almost a dozen pharmaceutical companies, including several major players, have lost sensitive customer data due to a supply chain cyberattack that trickled down from pharma giant Cencora. In late February 2024, drug wholesale company Cencora (previously known as AmerisourceBergen) filed a Form 8-K with the Securities and Exchange Commission (SEC), reporting a data breach incident, without ...
- Ghana Cyber Security Authority Records 187 Cases of WhatsApp Account Takeovers, Warns of Rising Trend
May 27, 2024
The Cyber Security Authority (CSA) says a growing number of Ghanaians are falling victim to social engineering and sharing WhatsApp verification codes with malicious actors. This has led to about 187 cases recorded since 2023, it said in a statement. “Malicious actors disguise themselves as familiar contacts or as authoritative figures (typically as administrators of Groups ...
- Massive cyber attack against Eritrea’s Internet System
May 26, 2024
A massive cyber attack was unleashed against Eritrea’s Internet System on Independence Day, Friday, 24 May 2024, at 12:32’:47 in the afternoon hours. The attempt was foiled by the defensive countermeasures deployed promptly, and the network continued its functions without interruptions. The identity of the originators, architects, and implementers of the attempted cyber attack is not ...
- Hellhounds: Operation Lahat. Part 2
May 23, 2024
In November 2023, the team at the Positive Technologies Expert Security Center (PT ESC) released their first research report on attacks by the hitherto-unknown group Hellhounds on Russian companies’ infrastructure: Operation Lahat. The report focused on the group’s attacks on Linux hosts that relied on a new backdoor known as Decoy Dog. Hellhounds carried on attacks ...
- Crooks plant backdoor in software used by courtrooms around the world
May 23, 2024
A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8, an application ...