Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Criminals Pose as Chinese Authorities to Target US-based Chinese Community
April 10, 2023
The FBI warns of criminal actors posing as Chinese law enforcement officials or prosecutors in financial fraud schemes targeting the US-based Chinese community. Criminals tell victims they are suspects in financial crimes and threaten them with arrest or violence if they do not pay the criminals. Criminals exploit widely publicized efforts by the People’s Republic ...
- Major Cyber Insurance Overhaul Begins Now
April 9, 2023
One thing is clear about cyber insurance in the spring of 2023: The status quo is not sustainable. And now, Lloyd’s of London, a major player in the global insurance market, is calling for dramatic changes in the cyber insurance market. According to The Financial Times (FT), “From next month, Lloyd’s will require the dozens of ...
- Money Message ransomware gang claims MSI breach, demands $4 million
April 7, 2023
Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as “Money Message,” which claims to have stolen source code from the company’s network. MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals, and infotainment products, with ...
- Genesis Market Disrupted in International Cyber Operation
April 6, 2023
U.S. Attorney Gregory J. Haanstad for the Eastern District of Wisconsin joined the Attorney General and other Justice Department officials in announcing a coordinated international operation that resulted in the dismantlement of Genesis Market, a criminal marketplace accessible on the dark web and clear web that advertised and sold packages of account access credentials – ...
- Typhon info-stealing malware devs upgrade evasion capabilities
April 5, 2023
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as ‘Typhon Reborn V2’ They boast significant improvements designed to thwart analysis via anti-virtualization mechanisms. The original Typhon was discovered by malware analysts in August 2022. Cyble Research Labs analyzed it at the ...
- UK criminal records office suffers two-month “cyber security incident”
April 5, 2023
The UK’s national office for managing criminal record information (ACRO) has confirmed it’s currently trying to recover from a two-month “cyber security incident”. Few details were revealed by the organisation and other authorities, other than that the attack took place between 17 January and 21 March 2023. Read more… Source: IT Pro