Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- UAE: ChatGPT used to launch cyber and ransomware attacks, says head of cybersecurity
June 7, 2023
Cyber attackers are using ChatGPT to launch ransomware attacks, said a senior UAE government official on Wednesday. “The emerging trend at the start of the year is that ChatGPT is used in some of the ransomware and phishing attacks. We investigated this with our partners and the discovery is really clear that adversaries are using that ...
- Thousands of Aer Lingus staff data stolen in ransomware attack
June 7, 2023
A Russia-linked ransomware gang responsible for a global cyber attack that has led to 5,000 Aer Lingus staff having their data stolen may have acquired enough information for identity theft, a leading cybercrime expert has warned. US company Progress Software revealed last week hackers had found a way to compromise the MOVEit Transfer software which is ...
- Adversaries increasingly using vendor and contractor accounts to infiltrate networks
June 6, 2023
The software supply chain has become a key security focus for many organizations, but the risks associated with supply chain attacks are often misunderstood. High-profile incidents like those reported by 3CX and MSI routinely grab headlines, continuing a trajectory of big-name security events that involve one specific aspect of the supply chain – software. Successful software-focused ...
- At least 100,000 Nova Scotians affected by cyber theft of government employee files
June 6, 2023
Cyber-criminals made off with the personal and banking information of at least 100,000 Nova Scotians last week, before the Nova Scotia government secured a file transfer service that had been breached as part of a global attack on MOVEit. Nova Scotia’s Minister of Cyber Security and Digital Service Colton LeBlanc provided that number Tuesday as part ...
- Spanish Globalcaja bank confirms ransomware attack
June 5, 2023
A prominent Spanish bank has confirmed that it is dealing with a ransomware attack that has impacted multiple branches. On Friday, Globalcaja issued a statement assuring customers that the incident has not impacted its entities’ operations, and that electronic banking and ATM services are still functioning. Read more… Source: Computing News
- Microsoft says Clop ransomware gang is behind MOVEit mass-hacks, as first victims come forward
June 5, 2023
Security researchers have linked to the notorious Clop ransomware gang a new wave of mass-hacks targeting a popular file transfer tool, as the first victims of the attacks begin to come forward. It was revealed last week that hackers are exploiting a newly discovered vulnerability in MOVEit Transfer, a file-transfer tool widely used by enterprises to ...