Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Victims of Cyberattack on File-Transfer Tool Pile Up
July 19, 2023
The list of companies hit by a cyberattack on a widely used software tool continues to expand and several victims have filed lawsuits alleging mishandling of data. The continued disclosure of new victims affected by hackers exploiting a vulnerability in MoveIt, a common file-transfer tool from Progress Software, underscores how cyberattacks can ripple through supply chains. ...
- North Carolina: Kannapolis didn’t alert public when cyberattack knocked out police dispatch
July 19, 2023
More than a year ago, a cyberattack knocked out the system used in Kannapolis to dispatch police and firefighters. You wouldn’t know that based on what the city told the public. Read more… Source: Yahoo! News
- Many businesses don’t even know they’ve been hit by a security breach
July 19, 2023
Many businesses don’t know if they have suffered a data breach, and probably wouldn’t be able to spot such an event at all, due to the ever-expanding threat landscape, and notification fatigue among IT staff, new research has claimed. A report from cybersecurity experts Vectra AI surveying more than 2,000 IT security analysts found that nearly ...
- Estee Lauder says hacker obtained some data from its systems
July 19, 2023
Beauty products maker Estee Lauder said on Tuesday that a hacker had obtained some data from its systems, and the incident was expected to cause disruption to parts of the company’s operations. The firm said it is working to understand the nature and scope of that data that was stolen. Estee Lauder added that it had ...
- FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware
July 18, 2023
Symantec’s Threat Hunter Team, a part of Broadcom, recently observed the Syssphinx (aka FIN8) cyber-crime group deploying a variant of the Sardonic backdoor to deliver the Noberus ransomware. While analysis of the backdoor revealed it to be part of the Sardonic framework previously used by the group, and analyzed in a 2021 report from Bitdefender, it ...
- How Hackers Could Attack Electric Vehicle Chargers
July 18, 2023
With his electric Kia EV6 running low on power, Sky Malcolm pulled into a bank of fast-chargers near Terre Haute, Indiana, to plug in. As his car powered up, he peeked at nearby chargers. One in particular stood out. Instead of the businesslike welcome screen displayed on the other Electrify America units, this one featured a ...