Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Dmitry Khoroshev named as alleged leader of ransomware gang LockBit
May 7, 2024
The alleged leader of what was once the world’s largest ransomware outfit, LockBit, has been named as Russian national Dmitry Khoroshev by the UK’s National Crime Agency (NCA), after the seizure of the criminal gang’s infrastructure. Khoroshev, who lived his online life under the name LockBitSupp, has been sanctioned by the UK, US and Australia as ...
- Exploits and vulnerabilities in Q1 2024
May 7, 2024
Software vulnerabilities that threat actors can exploit or are already actively exploiting are a critical component of evolving cyberthreat landscape. In this report, Kaspersky researchers present a series of insightful statistical and analytical snapshots relating to the trends in the emergence of new vulnerabilities and exploits, as well as the most prevalent vulnerabilities being used by ...
- UK: Cyber attack on Scots health board sees stolen data published on dark web
May 7, 2024
A large volume of data stolen during a cyber attack on a health board has been published by a ransomware group. Cyber criminals were able to access a significant amount of data including patient and staff-identifiable information during the attack on NHS Dumfries and Galloway which began at the end of February. Data relating to a ...
- Financial cyberthreats in 2023
May 6, 2024
Money is what always attracts cybercriminals. A significant share of scam, phishing and malware attacks is about money. With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, online shopping accounts and other financial assets, inventing new techniques and reusing good old ones. Amid the current threat ...
- GenAI Is Powering the Latest Surge in Modern Email Threats
May 6, 2024
Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more. But what if bad actors abuse these capabilities to create highly convincing, targeted and automated phishing messages at scale? No need to wonder as it’s already happening. Not long after the ...
- Portland-based BerryDunn faces lawsuits over data breach affecting 1.1M people
May 6, 2024
A Maine accounting firm has been sued after a data breach exposed the personal information of more than a million people. BerryDunn, an accounting firm based out of Portland, is facing lawsuits from nine different people. The lawsuits claim that names and Social Security numbers of 1.1 million people were exposed in the breach involving one ...