Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Card-Not-Present Fraud: 4 Security Considerations for Point of Sale Businesses
December 23, 2020
As the retail world’s center of gravity shifts to the cloud, payment card fraud has followed suit. According to Verizon’s retail vulnerabilities study, attacks against e-commerce applications are by far the leading cause of retail data breaches. This trend mirrors similar outcomes in other industries, like food service. A complimentary Verizon study finds remote attacks ...
- Law enforcement take down three bulletproof VPN providers
December 22, 2020
Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims. The three services were active at insorg.org , and safe-inet.net before the domains were seized ...
- FBI warns of ongoing COVID-19 vaccine related fraud schemes
December 22, 2020
US federal agencies have warned about scammers exploiting the public’s interest in the COVID-19 vaccine to harvest personal information and steal money through multiple ongoing and emerging fraud schemes. The warning was issued earlier today through the FBI National Press Office by the Federal Bureau of Investigation (FBI), the Department of Health and Human Services Office ...
- Holiday Puppy Swindle Has Consumers Howling
December 22, 2020
Puppy photos are undeniably irresistible but beware; researchers have uncovered a scheme selling fake German Shepherd puppies for Bitcoin, leaving buyers crushed and without a tiny fuzzy friend to cuddle on Christmas morning. The scam was discovered by an intrepid researcher at Anomali, who got wind of the fake puppy offer and decided to investigate. Image: ThreatPost Read ...
- Stealthy Magecart malware mistakenly leaks list of hacked stores
December 19, 2020
A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan (RAT) on compromised e-commerce sites. The threat actors use this RAT for maintaining persistence and for regaining access to the servers of hacked online shops. Once they connect to the ...
- Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware
December 18, 2020
Trend Micro researchers have recently encountered a Negasteal (also known as Agent Tesla) variant that used hastebin for the fileless delivery of the Crysis (also known as Dharma) ransomware. This is the first time that we have observed Negasteal with a ransomware payload. Only a few months ago, Deep Instinct published the first reported case of ...