Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Avaddon ransomware launches data leak site to extort victims
August 10, 2020
Avaddon ransomware is the latest cybercrime operation to launch a data leak site that will be used to publish the stolen data of victims who do not pay a ransom demand. Since the Maze operators began publicly leaking files stolen in ransomware attacks, other operations soon followed suit and began creating data leak sites to publish ...
- Upgraded Agent Tesla malware steals passwords from browsers, VPNs
August 10, 2020
New variants of Agent Tesla remote access Trojan now come with modules dedicated to stealing credentials from applications including popular web browsers, VPN software, as well as FTP and email clients. Agent Tesla is a commercially available .Net-based infostealer with both remote access Trojan (RAT) and with keylogging capabilities active since at least 2014. This malware is ...
- Hacked government, college sites push malware via fake hacking tools
August 10, 2020
A large scale hacking campaign is targeting governments and university websites to host articles on hacking social network accounts that lead to malware and scams. BleepingComputer first learned about this campaign after security intelligence firm Cyble shared a screenshot of the UNESCO.org site compromised to host an article on how to hack Instagram accounts. Clicking on the ...
- Bulgarian police arrest hacker Instakilla
August 7, 2020
Bulgarian law enforcement has arrested on Wednesday a local hacker going by the name of Instakilla on accusations of hacking, extorting companies, and selling hacked data online. Authorities raided two of the hacker’s residences in Plovdiv, a city in central Bulgaria, and confiscated several computers, smartphones, flash drives, and cryptocurrency, according to a press release from ...
- Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts
August 6, 2020
A series of ongoing business email compromise (BEC) campaigns that uses spear-phishing schemes on Office 365 accounts has been seen targeting business executives of over 1,000 companies across the world since March 2020. The recent campaigns target senior positions in the United States and Canada. The fraudsters, whom we named “Water Nue,” primarily target accounts of ...
- Canon hit by Maze Ransomware attack, 10TB data allegedly stolen
August 5, 2020
Canon has suffered a ransomware attack that impacts numerous services, including Canon’s email, Microsoft Teams, USA website, and other internal applications. BleepingComputer has been tracking a suspicious outage on Canon’s image.canon cloud photo and video storage service resulting in the loss of data for users of their free 10GB storage feature. The image.canon site suffered an outage ...