Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Microsoft says Azure was hit with a massive DDoS attack launched from over 500,000 IP addresses
November 18, 2025
Microsoft has said it successfully mitigated, “the largest DDoS attack ever observed in the cloud” after cybercriminals running the Aisuru botnet targeted a single endpoint, located in Australia. The attack was a sight to behold: more than 500,000 source IPs, across various regions, descended upon the endpoint, delivering a multi-vector Distributed Denial of Service (DDoS) attack ...
- Surveillance tech provider Protei was hacked, its data stolen, and its website defaced
November 17, 2025
A Russian telecom company that develops technology to allow phone and internet companies to conduct web surveillance and censorship was hacked, had its website defaced, and had data stolen from its servers, TechCrunch has learned. Founded in Russia, Protei makes telecommunications systems for phone and internet providers across dozens of countries, including Bahrain, Italy, Kazakhstan, Mexico, ...
- Twitter hacker ordered to pay back £4.1m worth of Bitcoin
November 17, 2025
A Twitter hacker who breached the accounts of celebrities including Barack Obama and Jeff Bezos has been forced to hand over £4million. Joseph James O’Connor, 26, was jailed in the US for the hacks which involved scamming people out of Bitcoin and threatening celebrities with the release of personal images and messages. Now the CPS Proceeds ...
- Five major changes to the regulation of cybersecurity in the UK under the Cyber Security and Resilience Bill
November 16, 2025
As the UK Government has recognized, cyber incidents—such as Jaguar Land Rover, Marks and Spencer, Royal Mail and the British Library—are costing UK businesses billions annually and causing severe disruption. The Government recognizes that cybersecurity is a critical enabler of economic growth (“we cannot have growth without stability”), and that the current laws have “fallen out ...
- Digital Doppelgangers: Anatomy of Evolving Impersonation Campaigns Distributing Gh0st RAT
November 14, 2025
Palo Alto Unit 42 researchers have identified two interconnected malware campaigns active throughout 2025, using large-scale brand impersonation to deliver Gh0st remote access Trojan (RAT) variants to Chinese-speaking users. From the first campaign to the second, the adversary advanced from simple droppers to complex, multi-stage infection chains that misuse legitimate, signed software to bypass modern defenses. ...
- Threat Landscape of the Building and Construction Sector Part Two: Ransomware
November 14, 2025
The construction sector is increasingly vulnerable to ransomware attacks in 2025 due to its complex ecosystem and distinctive operational challenges. Construction projects typically involve a web of contractors, subcontractors, suppliers, and consultants, collaborating through shared digital platforms and exchanging sensitive documents such as blueprints, contracts, and timelines. While essential for project delivery, this interconnectedness creates numerous ...