Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Police arrest suspect over Microsoft 365 cyber attack
December 19, 2025
The Nigeria Police Force National Cybercrime Centre (NPF-NCCC) has apprehended a suspected cyber fraudster linked to coordinated attacks on Microsoft 365 email platforms used by corporate organisations. The arrest followed an intelligence-led investigation triggered by credible information from Microsoft Corporation in the United States, conveyed through the Federal Bureau of Investigation (FBI). The intelligence exposed the ...
- UK: NHS GP software supplier hit by cyber attack
December 19, 2025
DXS International which provides healthcare technology for the NHS has disclosed a cyber attack, which has led to data being stolen. The UK-based company provides software that helps to reduce costs for doctors and primary care physicians and is used by around 2,000 GPs which oversee the care of around 17 million patients. In a filing ...
- U.S. DOJ: Tren De Aragua Members and Leaders Indicted in Multi-Million Dollar ATM Jackpotting Scheme
December 18, 2025
United States Attorney Lesley A. Woods announced that a federal grand jury in the District of Nebraska has returned two indictments charging 54 individuals for their roles in a large conspiracy to deploy malware and steal millions of dollars from ATMs in the United States, a crime commonly referred to as “ATM jackpotting.” An indictment returned ...
- Denmark blames Russia for cyberattacks on water utility and local government websites
December 18, 2025
The Danish government has accused Russia of being behind two “destructive and disruptive” cyber-attacks in what it describes as “very clear evidence” of a hybrid war. The Danish Defence Intelligence Service (DDIS) announced on Thursday that Moscow was behind a cyber-attack on a Danish water utility in 2024 and a series of distributed denial-of-service (DDoS) attacks ...
- From Linear to Complex: An Upgrade in RansomHouse Encryption
December 17, 2025
RansomHouse is a ransomware-as-a-service (RaaS) operation run by a group that we track as Jolly Scorpius. Recent samples of the associated binaries used in RansomHouse operations reveal a significant upgrade in encryption. This article explores the upgrade of RansomHouse encryption and the potential impact for defenders. Jolly Scorpius uses a double extortion strategy. This strategy combines ...
- Hacking group says it’s extorting Pornhub after stealing users’ viewing data
December 16, 2025
The hacking group Scattered Lapsus$ Hunters, which includes members of a gang known as ShinyHunters, said it is attempting to extort porn site Pornhub, after claiming to have stolen personal information belonging to the website’s premium members. On Friday, Pornhub confirmed it was among several companies affected by an earlier breach at the widely used web ...