Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New York ambulance service discloses data breach after ransomware attack
September 17, 2022
Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022. An investigation into the incident revealed that the intruder had gained access to Empress EMS’ systems on May 26, 2022. ...
- Eastern European org hit by second record-smashing DDoS attack
September 16, 2022
Akamai says it has absorbed the largest-ever publicly known distributed denial of service (DDoS) attack – an assault against an unfortunate Eastern European organization that went beyond 700 million packets per second. This latest tsunami of traffic hit on Monday, according to the web infrastructure biz, and we’re told the cybercriminals responsible for the earlier record-setting ...
- Bitdefender releases free decryptor for LockerGoga ransomware
September 16, 2022
Romanian cybersecurity firm Bitdefender has released a free decryptor to help LockerGoga ransomware victims recover their files without paying a ransom. The free tool is available for download from Bitdefender’s servers and allows you to recover encrypted files using instructions in this usage guide. Bitdefender says the decryptor was developed in cooperation with law enforcement agencies, including ...
- Starbucks Singapore says customer data illegally accessed in data leak
September 16, 2022
Starbucks says personal data of some customers in Singapore has been compromised, including names, birthdates, and mobile numbers. While credit card details and passwords have not been leaked, it has advised customers to change their password. The US F&B chain sent email messages to multiple customers on Friday, notifying them that it had detected “unauthorised activity ...
- Uber security breach ‘looks bad’, potentially compromising all systems
September 15, 2022
Uber reportedly has suffered another massive security incident, which is likely more extensive than its 2016 data breach and potentially may have compromised its entire network. It also can result in access logs being deleted or altered. A hacker on Thursday was believed to have breached multiple internal systems, with administrative access to Uber’s cloud services ...
- Hive ransomware claims cyberattack on Bell Canada subsidiary
September 15, 2022
The Hive ransomware gang claimed responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS). BTS is an independent subsidiary with more than 4,500 employees, specializing in installing Bell services for residential and small business customers across the Ontario and Québec provinces. While the Canadian telecommunications company didn’t reveal when its ...