Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Android Minecraft clones with 35M downloads infect users with adware
April 27, 2023
A set of 38 Minecraft copycat games on Google Play infected devices with the Android adware ‘HiddenAds’ to stealthily load ads in the background to generate revenue for its operators. Minecraft is a popular sandbox game with 140 million monthly active players, which numerous game publishers have attempted to recreate. Read more… Source: Bleeping Computer
- Linux version of RTM Locker ransomware targets VMware ESXi servers
April 27, 2023
RTM Locker is the latest enterprise-targeting ransomware operation found to be deploying a Linux encryptor that targets virtual machines on VMware ESXi servers. The RTM (Read The Manual) cybercrime gang has been active in financial fraud since at least 2015, known for distributing a custom banking trojan used to steal money from victims. Read more… Source: Bleeping Computer
- Ukraine ‘testing ground’ for Australian cyber defences
April 27, 2023
Ukraine’s ambassador says cyber security assistance to help combat Russian aggression would also help boost Australia’s own capabilities. Vasyl Myroshnychenko said he would welcome any further assistance with Ukraine’s defence against Russia, adding it would provide Australia with a good opportunity to stress test its own resources. Read more… Source: MSN News
- Clop, LockBit ransomware gangs behind PaperCut server attacks
April 26, 2023
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to steal corporate data. Last month, two vulnerabilities were fixed in the PaperCut Application Server that allows remote attackers to perform unauthenticated remote code execution and information disclosure. Read more… Source: Bleeping Computer
- Chinese Alloy Taurus Updates PingPull Malware
April 26, 2023
Unit 42 researchers recently identified a new variant of PingPull malware used by Alloy Taurus actors designed to target Linux systems. While following the infrastructure leveraged by the actor for this PingPull variant, we also identified their use of another backdoor we track as Sword2033. The first samples of PingPull malware date back to September 2021. ...
- Energy giant warns of ‘catastrophic damage’ if government bans payment of cyber ransoms
April 26, 2023
A government-imposed ban on companies paying cyber ransoms to hackers could cause “catastrophic damage” and even lead to the loss of Australian lives, the nation’s biggest energy producer has warned. AGL Energy, whose board was recently reshuffled by Atlassian billionaire Mike Cannon-Brookes, described ransom bans as a dangerous double-edged sword. Read more… Source: 9News