Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Mortgage and loan giant Mr. Cooper blames cyberattack for ongoing outage
November 2, 2023
Mortgage and loan giant Mr. Cooper says a “cybersecurity incident” earlier this week was the cause of an ongoing outage, adding that the company is “working to resolve the issue.” The Texas-based company said in a statement on its website that on October 31, Mr. Cooper “became the target of a cyber security incident and took ...
- Boeing confirms ‘cyber incident’ after ransomware gang claims data theft
November 2, 2023
Aerospace giant Boeing has confirmed that it is dealing with a “cyber incident,” days after the company was listed on the leak site of the LockBit ransomware gang. In a statement given to TechCrunch, Boeing spokesperson Jim Prolux confirmed that attackers had targeted “elements of our parts and safety business.” The spokesperson added: “This issue does ...
- New Zealand: Money-motivated cyber attacks outnumber those carried out by nation-states
November 2, 2023
Major financially motivated cyber attacks in New Zealand have exceeded those launched by nation-states for the first time, and AI looms as an ever-greater weapon, a new report says. In its latest annual threat report, the National Cyber Security Centre said the potential impact was growing – though the number of major attacks dropped slightly, to ...
- Do government sanctions against ransomware groups work?
November 2, 2023
Earlier this year, the U.S. government imposed sanctions against Russian national Mikhail Matveev, an FBI most-wanted cybercriminal, who authorities accuse of being a “prolific ransomware affiliate” involved in cyberattacks in the United States and overseas. Authorities say Matveev played a major role in the development and deployment of the Hive, LockBit and Babuk ransomware variants, ...
- Forty Countries Agree Not to Pay Cybercrime Ransoms
November 1, 2023
Dozens of US allies have signed an agreement never to pay digital extortionists, in a sign of the growing impact ransomware is having on their national security and economies. The pledge was made at the second annual meeting of the International Counter Ransomware Initiative and reported by attendant media, although there is no official word yet ...
- Ransomware gang HelloKitty exploits critical Apache ActiveMQ bug CVE-2023-46604
November 1, 2023
Beginning Friday, October 27, Rapid7 Managed Detection and Response (MDR) identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two different customer environments. In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations. Based on the ransom note and available evidence, we attribute the activity to ...