Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- SMS PVA Part 2: Underground Service for Cybercriminals
February 27, 2022
In part one, Trend Micro researchers extensively discussed SMS PVA and started investigating a particular service called ReceiveCode that our team first found on a Facebook advertisement. ReceiveCode offers users access to SMS code verification sent to mobile numbers that the company has in their storage. Customers simply need to sign up to their customer-facing portal, ...
- Nvidia probes cyberattack on internal systems
February 26, 2022
Nvidia is probing what may be a ransomware infection that caused outages within its internal network. The malware is said to have taken hold in the past two days, knocking down email and developer systems. The GPU giant continues to investigate. In a statement, an Nvidia spokesperson told The Register on Friday: “Our business and commercial activities continue uninterrupted. ...
- TrickBot malware operation shuts down, devs move to stealthier malware
February 25, 2022
The TrickBot malware operation has shut down after its core developers move to the Conti ransomware gang to focus development on the stealthy BazarBackdoor and Anchor malware families. TrickBot is a notorious Windows malware infection that has dominated the threat landscape since 2016. The malware is commonly installed via malicious phishing emails or other malware, and will ...
- Ransomware groups and hacktivist collective are getting involved in the military conflict between Ukraine and Russia
February 25, 2022
Multiple ransomware groups and members of the hacktivist collective Anonymous announced this week that they are getting involved in the military conflict between Ukraine and Russia. On Thursday, members of Anonymous announced on Twitter that they would be launching attacks against the Russian government. The hacktivists defaced some local government websites in Russia and temporarily took ...
- Financial cyberthreats in 2021
February 23, 2022
The year 2021 was eventful in terms of digital threats for organizations and individuals, and financial institutions were no exception. Throughout the past year, we have seen cybercriminals continue to actively target our users with tools and techniques that emerged due to the pandemic. Imperfections in the transition to remote/hybrid work continue to pose a ...
- Billion-dollar logistics giant Expeditors struggling to recover from cyberattack
February 22, 2022
Logistics and freight forwarding giant Expeditors International announced a cyberattack on Sunday that crippled some of their operating systems and continues to slow their operations around the globe. The Seattle-based freight company, which brought in $10.1 billion in revenue last year, said they shut down most of their operating systems globally after discovering the cyberattack. “The situation ...