Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- NetWalker ransomware affiliate extradited to the US for further charges
March 11, 2022
The NetWalker ransomware gang affiliate who was sentenced to seven years in prison by Canadian courts at the end of January was extradited to the United States on Wednesday, where he will face further charges related to his participation in the gang. Sebastien Vachon-Desjardins, a Canadian citizen, received the Canadian prison sentence after he pleaded guilty ...
- Corporate website contact forms used to spread BazarBackdoor malware
March 10, 2022
The stealthy BazarBackdoor malware is now being spread via website contact forms rather than typical phishing emails to evade detection by security software. BazarBackdoor is a stealthy backdoor malware created by the TrickBot group and is now under development by the Conti ransomware operation. This malware provides threat actors remote access to an internal device that ...
- DOJ: Ukrainian ransomware suspect extradited from Poland to face charges in Texas
March 10, 2022
A Ukrainian national accused of a major ransomware attack will face charges in Texas after his extradition from Poland, the Justice Department announced Wednesday. Yaroslav Vasinskyi, 22, is charged with unleashing ransomware known as Sodinokibi/REvil against companies including Kaseya, a multi-national information software company, and demanding $70 million in ransom, according to his August 2021 indictment. REvil ...
- Latin e-commerce giant Mercado Libre hacked
March 10, 2022
Latin American e-commerce company Mercado Libre had its systems hacked in an incident that exposed information related to 300,000 users of the platform. The NASDAQ-listed company disclosed the incident in an 8-K filing to the US Securities and Exchange Commission, noting that part of its source code had been subject to unauthorized access, exposing user data. The ...
- New Nokoyawa Ransomware Possibly Related to Hive
March 9, 2022
Hive, which is one of the more notable ransomware families of 2021, made waves in the latter half of the year after breaching over 300 organizations in just four months — allowing the group to earn what could potentially be millions of US dollars in profit. In March 2022, we came across evidence that another, ...
- CISA: Conti ransomware update
March 9, 2022
CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. Conti cyber threat actors remain active and reported Conti ransomware attacks against U.S. and international organizations have risen to more than 1,000. CISA, the FBI, NSA, and the USSS encourage ...