Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Play ransomware gang uses custom Shadow Volume Copy data-theft tool
April 19, 2023
The Play ransomware group has developed two custom tools in .NET, namely Grixba and VSS Copying Tool, which it uses to improve the effectiveness of its cyberattacks. The two tools enable attackers to enumerate users and computers in compromised networks, gather information about security, backup, and remote administration software, and easily copy files from Volume Shadow ...
- Capita IT breach gets worse as Black Basta claims it’s now selling off stolen data
April 18, 2023
Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant. A spokesperson for the London-based corporation, which has UK government contracts totaling £6.5 billion ($8 billion), said it hasn’t ...
- State-sponsored campaigns target global network infrastructure
April 18, 2023
Recently, the UK’s National Cyber Security Center (NCSC) released a report on a sustained campaign by a Russian intelligence agency targeting a vulnerability in routers that Cisco had published a patch for in 2017. This campaign, dubbed “Jaguar Tooth,” is an example of a much broader trend of sophisticated adversaries targeting networking infrastructure to advance ...
- New QBot email attacks use PDF and WSF combo to install malware
April 17, 2023
QBot malware is now distributed in phishing campaigns utilizing PDFs and Windows Script Files (WSF) to infect Windows devices. Qbot (aka QakBot) is a former banking trojan that evolved into malware that provides initial access to corporate networks for other threat actors. This initial access is done by dropping additional payloads, such as Cobalt Strike, Brute ...
- Ex-Conti members and FIN7 devs team up to push new Domino malware
April 17, 2023
Ex-Conti ransomware members have teamed up with the FIN7 threat actors to distribute a new malware family named ‘Domino’ in attacks on corporate networks. Domino is a relatively new malware family consisting of two components, a backdoor named ‘Domino Backdoor,’ which in turn drops a ‘Domino Loader’ that injects an info-stealing malware DLL into the memory ...
- Australians lose record $3.1 billion to scams in 2022
April 16, 2023
Doris McAllister spent her whole life working hard to support herself. So, last year, when the 75-year-old saw an international bank offering a good return on deposits, she decided to transfer her life’s savings of $260,000 across to help secure her retirement. Six weeks later, when she needed to make a withdrawal, she realised she had been ...