Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Czechia: University of Defence victim of cyber-attack
September 27, 2023
Czechia’s University of Defence was the victim of a cyber-attack, with hackers evidently stealing data from the institution’s rector, iRozhlas.cz reported on Wednesday. The news website said the Municipal State Prosecutor’s Office in Brno was looking into the matter. A spokesperson for the National Cyber and Information Security Agency said it would not comment on the ...
- NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors
September 27, 2023
Today, the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA), along with the Japan National Police Agency (NPA) and the Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released joint Cybersecurity Advisory (CSA) People’s Republic of China-Linked Cyber Actors Hide in Router Firmware. The ...
- A Ransomware Group Is Claiming They’ve Breached Sony’s Systems And Stolen Data
September 27, 2023
Although the claims of a data breach are still unverified, Sony has publicly acknowledged the situation and issued a statement to IGN which simply reads, “We are currently investigating the situation, and we have no further comment at this time.” It looks like Sony may have been victim of a breach resulting in the collection of ...
- ASEAN, China, and UNODC agree to a plan of action to address criminal scams in Southeast Asia
September 26, 2023
Senior officials from ASEAN, China and United Nations Office on Drugs and Crime (UNODC) have agreed to address transnational organized crime and trafficking in persons associated with casinos and scams. “Trafficking in persons connected to casinos and scam operations run by organized crime has mushroomed across Southeast Asia, particularly in the Mekong” remarked Jeremy Douglas, UNODC ...
- Dusting for fingerprints: ShadowSyndicate, a new RaaS player?
September 26, 2023
The Ransomware-as-a-Service (RaaS) market is a fast-moving one. Prominent RaaS or affiliate groups can form, wreak havoc, and disband all within a short period of time. In this blog, Group-IB researchers will detail what they believe to be a new RaaS group that appears to operate differently from the rest: Enter ShadowSyndicate. What is unusual about ...
- APT and financial attacks on industrial organizations in H1 2023
September 25, 2023
This summary provides an overview of reports of APT and financial attacks on industrial enterprises that were disclosed in H1 2023, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities. For each topic, Kaspersky researchers have sought to summarize the key facts, findings, and conclusions of the ...