Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New Horabot campaign targets the Americas
June 1, 2023
Cisco Talos has observed a threat actor deploying a previously unidentified botnet program Talos is calling “Horabot,” which delivers a known banking trojan and spam tool onto victim machines in a campaign that has been ongoing since at least November 2020. The threat actor appears to be targeting Spanish-speaking users in the Americas and, based on ...
- Critical Barracuda 0-day was used to backdoor networks for 8 months
May 31, 2023
A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The software bug, tracked as CVE-2023-2868, is a remote-command injection vulnerability that stems from incomplete input validation of user-supplied .tar files, which are used to pack or archive multiple files. Read more… Source: ...
- Greece Orders Probe into Exam System Cyber-Attacks
May 31, 2023
Greece’s Supreme Court launched on Tuesday an urgent investigation into the cyber-attacks targeting the Greek high school exams that were interrupted two days running. Following a second cyber-attack on the data bank providing the exam questions, Supreme Court Public Prosecutor Isidoros Dogiakos ordered an investigation with the assistance of the Hellenic Police Cyber Crime Unit. Read more… Source: ...
- Capita cyber-attack: 90 organisations report data breaches
May 30, 2023
About 90 organisations have reported breaches of personal information held by Capita after the outsourcing group suffered a cyber-attack, Britain’s data watchdog has said. The company, which runs crucial services for local councils, the military and the NHS, experienced the hack, which caused a significant IT outage, in March. Read more… Source: The Guardian
- MCNA Dental data breach impacts 8.9 million people after ransomware attack
May 29, 2023
Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. MCNA Dental is one of the largest government-sponsored (Medicaid and CHIP) dental care and oral health insurance providers in the U.S. Read more… Source: Bleeping Computer
- New York county still dealing with ransomware eight months after attack
May 29, 2023
The fallout from an eight-month-old cyber attack on a county in Long Island, New York has devolved into mud-slinging as leaders try to figure out just what is going on. Suffolk County was hit with a ransomware attack in early September 2022, which led county executive Steve Bellone to issue nine separate emergency declarations, Long ...