Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Threat Actors Exploit Misconfigured Apache Hadoop YARN
July 27, 2021
The misconfiguration and resulting exposure of cloud services is one of the most prevalent risks in the Linux threat landscape. We previously analyzed incidents related to this security concern, such as an exposed Docker API being abused by threat actors in the wild and exposed Redis instances that threat actors actively search. This blog post will ...
- LockBit ransomware now encrypts Windows domains using group policies
July 27, 2021
A new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies. The LockBit ransomware operation launched in September 2019 as a ransomware-as-a-service, where threat actors are recruited to breach networks and encrypt devices. In return, the recruited affiliates earn 70-80% of a ransom payment, ...
- Unhacked: 121 Tools Against Ransomware On A Single Website
July 26, 2021
In its five years of existence, No More Ransom has helped prevent almost a billion euros from ending up in criminals’ pockets Working from home, the beach or a café is a reality for many people today. Everything we need is stored in our digital devices, such as personal computers, laptops and mobile phones, which contain ...
- Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn
July 26, 2021
The Babuk ransomware gang’s new rebrand isn’t going so well. It seems the cybercriminal group has been a victim of a ransomware attack of its own. Babuk’s latest endeavor, a Dark Web ransomware forum called RAMP, was crippled by a spammer over the weekend who overloaded the site with same-sex pornographic GIFs, according to Recorded Future. The ...
- Malware Makers Using ‘Exotic’ Programming Languages
July 26, 2021
Malware authors are increasingly using rarely spotted programming languages such as Go, Rust, Nim and DLang in order to create new tools and to hinder analysis, researchers have found. Use of those four languages is escalating in the number of malware families being identified, according to a report published on Monday by BlackBerry Research and Intelligence ...
- FIN7’s Liquor Lure Compromises Law Firm with Backdoor
July 23, 2021
Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. The gambit successfully compromised at least one law firm, giving them a shot of the JSSLoader remote-access trojan (RAT), researchers said. According to ...