Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ragnar Locker Ransomware Gang Takes Out Facebook Ads in Key New Tactic
November 11, 2020
The Ragnar Locker ransomware group has decided to ratchet up the pressure on its latest high-profile victim, Italian liquor conglomerate Campari, by taking out Facebook ads threatening to release the 2TB of sensitive data it stole in a Nov. 3 attack – unless a $15 million ransom is paid in Bitcoin. Campari Group, which is behind ...
- Recent ransomware wave targeting Israel linked to Iranian threat actors
November 11, 2020
Two recent ransomware waves that targeted Israeli companies have been traced back to Iranian threat actors, multiple sources have told ZDNet today. The ransomware attacks have been taking place since mid-October, have ramped up this month, and have repeatedly focused on Israeli targets. Israeli companies of all sizes have been targeted by threat actors using the Pay2Key ...
- A Closer Look at the Web Skimmer
November 9, 2020
The formjacking attack has been one of the fastest-growing cyberattacks in recent years. As explained in our previous blog, “Anatomy of Formjacking Attacks,” the formjacking attack is easy to deploy but hard to detect. It has gained popularity among threat actors, especially against e-commerce websites. Between May and September 2020, we detected an average of ...
- Ghimob: a Tétrade threat actor moves to infect mobile devices
November 9, 2020
Guildma, a threat actor that is part of the Tétrade family of banking trojans, has been working on bringing in new techniques, creating new malware and targeting new victims. Recently, their new creation, the Ghimob banking trojan, has been a move toward infecting mobile devices, targeting financial apps from banks, fintechs, exchanges and cryptocurrencies in ...
- An Old Joker’s New Tricks: Using Github To Hide Its Payload
November 9, 2020
The Joker malware has consistently plagued mobile users since its discovery in 2017. In January 2020, Google removed 1700 infected applications from the Play Store — a list that grew over three years. More recently, in September, security company Zscaler found 17 samples that were uploaded to the Google Play Store. Joker has been responsible ...
- Compal, the second-largest laptop manufacturer in the world, hit by ransomware
November 9, 2020
Compal, a Taiwanese electronics company that builds laptops for some of the world’s largest computer brands such as Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu, suffered a ransomware attack over the weekend. Responsible for the breach is believed to be the DoppelPaymer ransomware gang, according to a screenshot of the ransom note shared by Compal ...