Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Malaysia-linked DragonForce hacktivists attack Indian targets
June 15, 2022
A Malaysia-linked hacktivist group has attacked targets in India, seemingly in reprisal for a representative of the ruling Bharatiya Janata Party (BJP) making remarks felt to be insulting to the prophet Muhammad. The BJP has ties to the Hindu Nationalist movement that promotes the idea India should be an exclusively Hindu nation. During a late May ...
- A tiny botnet launched the largest DDoS attack on record
June 15, 2022
Web performance firm Cloudflare says it mitigated a record-breaking distributed denial of service (DDoS) attack last week that peaked at 26 million request per second (rps). It was caused by a small but powerful botnet of just 5,067 devices. This attack didn’t originate from compromised low-bandwidth Internet of Things devices like many other DDoS or junk ...
- How much does access to corporate infrastructure cost?
June 15, 2022
Money has been and remains the main motivator for cybercriminals. The most widespread techniques of monetizing cyberattacks include selling stolen databases, extortion (using ransomware) and carding. However, there is demand on the dark web not only for data obtained through an attack, but also for the data and services necessary to organize one (e.g., to ...
- Exposing HelloXD Ransomware and x4k
June 12, 2022
HelloXD is a ransomware family performing double extortion attacks that surfaced in November 2021. During our research Palo Alto team observed multiple variants impacting Windows and Linux systems. Unlike other ransomware groups, this ransomware family doesn’t have an active leak site; instead it prefers to direct the impacted victim to negotiations through TOX chat and ...
- LockBit 2.0: How This RaaS Operates and How to Protect Against It
June 9, 2022
LockBit 2.0 is ransomware as a service (RaaS) that first emerged in June 2021 as an upgrade to its predecessor LockBit (aka ABCD Ransomware), which was first observed in September 2019. Since its inception, the LockBit 2.0 RaaS attracted affiliates via recruitment campaigns in underground forums, and thus became particularly prolific during the third quarter of ...
- Vice Society ransomware claims attack on Italian city of Palermo
June 9, 2022
The Vice Society ransomware group has claimed responsibility for the recent cyber attack on the city of Palermo in Italy, which has caused a large-scale service outage. The attack occurred last Friday, and all internet-relying services remain unavailable, impacting 1.3 million people and many tourists visiting the city. The authorities admitted the severity of the incident on ...