Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Petro-Canada experiences outages as cyber attack reported
June 26, 2023
Petro-Canada customers couldn’t pay or use points cards at many stations as a cyber attack was reported at the parent company, Suncor Energy. Customers were reportedly only able to pay cash at the pumps and in-stores at several gas stations across Ontario on the weekend. Read more… Source: Insauga News
- AI And Cybercrime Unleash A New Era Of Menacing Threats
June 23, 2023
Artificial intelligence (AI) is catching a lot of headlines recently. It doesn’t matter whether you’ve been paying attention to these headlines or not—chances are you’ve heard about the recent developments in the world of AI and the extraordinary feats these projects are accomplishing. Large language models (LLMs) like OpenAI’s ChatGPT, Microsoft’s Bing Chat and Google’s Bard ...
- Why is it so rare to hear about Western cyber-attacks?
June 23, 2023
A cyber-attack that took over iPhones at a Russian technology company is being blamed on US government hackers. Could the attack, and the response from the Russian government, be rewriting the narrative of who the good guys and bad guys are in cyber-space? Camaro Dragon, Fancy Bear, Static Kitten and Stardust Chollima – these aren’t the ...
- IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging Multiple IoT Exploits
June 22, 2023
Since March 2023, Unit 42 researchers have observed threat actors leveraging several IoT vulnerabilities to spread a variant of the Mirai botnet. The threat actors have the ability to gain complete control over the compromised devices, integrating those devices into the botnet. These devices are then used to execute additional attacks, including distributed denial-of-service (DDoS) attacks. Read ...
- LockBit Green and phishing that targets organizations
June 22, 2023
In recent months, Kaspersky published private reports on a broad range of subjects. They wrote about malware targeting Brazil, about CEO fraud attempts, Andariel, LockBit and others. For this post, Kaspersky researchers selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. Read more… Source: Kaspersky
- IoT devices and Linux-based systems targeted by OpenSSH trojan campaign
June 22, 2023
Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems, including Internet of Things (IoT) devices. Microsoft researchers have recently discovered an attack leveraging custom and ...