Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- North Korean hackers behind CryptoCore multi-million dollar heists
May 24, 2021
Security researchers piecing together evidence from multiple attacks on cryptocurrency exchanges, attributed to a threat actor they named CryptoCore have established a strong connection to the North Korean state-sponsored group Lazarus. The group is believed to have stolen hundreds of millions of U.S. dollars by breaching cryptocurrency exchanges in the U.S., Israel, Europe, and Japan over ...
- Zeppelin ransomware comes back to life with updated versions
May 24, 2021
The developers of Zeppelin ransomware have resumed their activity after a period of relative silence that started last Fall and started to advertise new versions of the malware. A recent variant of the malware became available on a hacker forum at the end of last month, offering cybercriminals in the ransomware business complete independence. Zeppelin ransomware is ...
- Air India cyber-attack: Data of millions of customers compromised
May 22, 2021
India’s national airline Air India has said a cyber-attack on its data servers affected about 4.5 million customers around the world. The breach was first reported to the company in February. Details including passport and ticket information as well as credit-card data were compromised. But Air India said security details for credit cards – CVV or CVC ...
- Florida water treatment plant was involved in second security incident before poisoning attempt: report
May 21, 2021
A new study from Dragos has found that a water treatment plant in Oldsmar, Florida — where hackers attempted to poison the town’s water earlier this year — was also involved in another potential breach at the same time. A browser being used on the plant’s network was traced back to a “watering hole” attack that ...
- Phorpiex malware botnet just won’t go away
May 21, 2021
The Phorpiex malware botnet has lurked around the internet for years and is used to deliver ransomware, spam email and more, but now Microsoft’s security team are taking a closer look at it. The botnet has been known for using old-fashioned worms that spread via removable USB drives and instant messaging apps, began diversifying its infrastructure ...
- US insurance giant CNA Financial paid $40 million ransom to regain control of systems: report
May 21, 2021
One of the largest insurance companies in the United States, CNA Financial, reportedly agreed to a $40 million payment to restore access to its systems following a ransomware attack. According to Bloomberg, the $40 million payment — which is $10 million more than the highest attempted demand of $30 million in 2020, already double the highest ...