Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Lockbit leak, research opportunities on tools leaked from TAs
August 25, 2023
Lockbit is one of the most prevalent ransomware strains. It comes with an affiliate ransomware-as-a-service (RaaS) program offering up to 80% of the ransom demand to participants, and includes a bug bounty program for those who detect and report vulnerabilities that allow files to be decrypted without paying the ransom. According to the Lockbit owners, the ...
- Belgium’s Econocom confirms cyber attack, no sensitive data disclosed
August 24, 2023
Belgian IT services firm Econocom on Thursday confirmed it is investigating a cyber attack it believes originated from a service provider working with some of its clients in France. Read more… Source: USNews
- Lazarus Group’s infrastructure reuse leads to discovery of new malware
August 24, 2023
In the new Lazarus Group campaign we recently disclosed, the North Korean state-sponsored actor continues to use much of the same infrastructure despite those components being well-documented by security researchers over the years. Their continued use of the same tactics, techniques and procedures (TTPs) — many of which are publicly known — highlights the group’s confidence ...
- Danish cloud host says customers ‘lost all data’ after ransomware attack
August 23, 2023
Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its data center systems, including its backups. The Denmark-based cloud company said the ransomware attack began Friday, during which cybercriminals “shut down all systems,” including its website and email, and encrypted customer systems and websites. Read more… Source: TechCrunch
- DarkGate reloaded via malvertising and SEO poisoning campaigns
August 23, 2023
In July 2023, Malwarebytes researchers observed a malvertising campaign that lured potential victims to a fraudulent site for a Windows IT management tool. Unlike previous similar attacks, the final payload was packaged differently and not immediately recognizable. The decoy file came as an MSI installer containing an AutoIT script where the payload was obfuscated to avoid ...
- Australia ranked among the most targeted countries for ransomware attacks
August 23, 2023
Cybersecurity experts warn Australian businesses are under threat as the nation remains one of the most targeted for ransomware attacks. Threat analysis company Flashpoint ranked Australia eight following 11 ransomware attacks in July, behind the USA and the UK. Read more… Source: News.com.au