Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
May 2, 2022
trend Micro researchers found samples of AvosLocker ransomware that makes use of a legitimate driver file to disable anti-virus solutions and detection evasion. While previous AvosLocker infections employ similar routines, this is the first sample they observed from the US with the capability to disable a defense solution using a legitimate Avast Anti-Rootkit Driver file ...
- Hacking Russia was off-limits. The Ukraine war made it a free-for-all.
May 1, 2022
For more than a decade, U.S. cybersecurity experts have warned about Russian hacking that increasingly uses the labor power of financially motivated criminal gangs to achieve political goals, such as strategically leaking campaign emails. Prolific ransomware groups in the last year and a half have shut down pandemic-battered hospitals, the key fuel conduit Colonial Pipeline and ...
- Ransomware: How Attackers are Breaching Corporate Networks
April 30, 2022
Targeted ransomware attacks continue to be one of the most critical cyber risks facing organizations of all sizes. The tactics used by ransomware attackers are continually evolving, but by identifying the most frequently employed tools, tactics, and procedures (TTPs) organizations can gain a deeper understanding into how ransomware groups infiltrate networks and use this knowledge ...
- Bumblebee malware loader emerges as Conti’s BazarLoader fades
April 29, 2022
A sophisticated malware loader dubbed Bumblebee is being used by at least three cybercriminal groups that have links to ransomware gangs, according to cybersecurity researchers. Gangs using Bumblebee have in the past used the BazarLoader and IcedID loaders – linked to high-profile ransomware groups Conti and Diavol. The emergence of Bumblebee coincides with the swift disappearance ...
- Interpol: We can’t arrest our way out of cybercrime
April 29, 2022
As cybercriminals become more sophisticated and their attacks more destructive and costly, private security firms and law enforcement need to work together, according to Interpol’s Doug Witschi. It’s tough to argue with either of these two statements. But considering the constant barrage of ransomware-attack headlines, as well as politicians’ calls for more public-private threat intelligence sharing, ...
- DDoS attacks in Q1 2022
April 25, 2022
he DDoS landscape in Q1 2022 was shaped by the ongoing conflict between Russia and Ukraine: a significant part of all DDoS-related news concerned these countries. In mid-January, the website of Kyiv Mayor Vitali Klitschko was hit by a DDoS attack, and the websites of a number of Ukrainian ministries were defaced. In mid-February, DDoS ...