Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Data breach hits Navy contractor Fincantieri Marine Group
January 15, 2024
Italian shipbuilding firm Fincantieri’s U.S. arm Fincantieri Marine Group, which is a contractor for the U.S. Navy, disclosed that it had 16,769 individuals’ data compromised following an April ransomware attack that resulted in significant production disruptions. In breach notification letters sent to impacted individuals earlier this month, FMG said that some of its systems had been ...
- Medical data breach could impact thousands from New Hampshire
January 15, 2024
A Massachusetts-based medical company is contacting over 900,000 people whose personal information may have been compromised in a data breach. In a letter to the New Hampshire attorney general’s office, Transformative Healthcare said the breach happened last year when someone gained access to an archived copy of data that previously belonged to Fallon Ambulance Service. Read more… Source: MSN ...
- Hackers target UK in huge cyber attack ‘in response to airstrikes in Yemen’
January 13, 2024
Hackers say they launched a massive cyber attack against the UK in response to airstrikes in Yemen. Anonymous Sudan said Friday’s raid on an internet company was also because Britain had shown “support” for Israel. In a statement on messaging platform Telegram, the group warned: “Big attack on UK soon, in response to the air attacks ...
- Joomla! vulnerability is being actively exploited
January 12, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability for the Joomla! Content Management System (CMS) to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by January 29, 2024 in order to protect their devices against active ...
- Financial Fraud APK Campaign
January 12, 2024
During Unit 42 ivestigation discovering threats in legitimate network traffic, activity generated by a certain type of Android Package Kit (APK) files kept hitting their radar. The research revealed a family of malicious APKs targeting Chinese users that steals victim information and conducts financial fraud. To do this, the threat actor masquerades as a law enforcement ...
- Dallas says cyberattack targeted more people than previously disclosed
January 11, 2024
Hackers who targeted the city of Dallas had access to the addresses, Social Security numbers and other personal information of nearly 300 more people than what had been previously disclosed to the public, city officials now say. The city’s spokesperson confirmed on Wednesday that further internal investigations into the cyberattack determined an additional 293 people, including ...