Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Victorian government documents released on dark web after cyber attack
July 14, 2023
Victorian government legal files have been released on the dark web by criminals after a major cyber attack on law firm HWL Ebsworth. Victoria’s Chief Information Security Officer David Cullen on Friday said HWL Ebsworth had confirmed government information had been posted. The law firm was hit by a cyber incident in late April when information ...
- Cyber attack targets Libyan internet provider LTT
July 13, 2023
The Libyan Post Telecommunications & Information Technology Company (LPTIC) said Wednesday that the data center of Libya Internet and Technology, the state-run internet provider, came under a cyber attack which led to disruption of services. In a statement, the LPTIC added that unknown attacker attempted to hack the data center but its cybersecurity team and LTT ...
- Commerce Secretary Gina Raimondo’s emails hacked in Microsoft cyber breach
July 13, 2023
Commerce Secretary Gina Raimondo’s emails were hacked as part of the Microsoft cyber breach, according to a source familiar with the investigation. Microsoft’s Outlook systems were breached by Chinese hackers, according to the company. The breach was discovered in May. Read more… Source: ABC News
- Utility cyber threats on the rise, but experts say don’t forget basics
July 12, 2023
“There’s an increase in threat actors targeting critical infrastructure,” said Katell Thielemann, a Gartner research analyst focused on risk and security for cyber-physical systems. “And there’s an enhanced sensitivity that threat actors are probing infrastructure.” Since 2021, the U.S. Department of Energy’s annual summary of electric disturbance events shows an uptick in cyber activity. And cyber ...
- Hunting for A New Stealthy Universal Rootkit Loader
July 11, 2023
In one of their recent threat hunting investigations, Trend Micro researchers came across an interesting new threat activity cluster that we initially thought was a false positive detection for a Microsoft signed file. However, this turned out to be a novel piece of a signed rootkit that communicates with a large command-and-control (C&C) infrastructure for an ...
- 12,000 State Bank of India employees’ sensitive data leaked on Telegram channels
July 11, 2023
In a massive data breach incident, the data of more than 12,000 State Bank of India (SBI) employees was leaked on Telegram channels. The leaked data included the employees’ personal information, such as their SBI passbooks, names, addresses, contact numbers, and PAN numbers. The data breach was unearthed after a Telegram channel with the handle @sbi_data ...