Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked
June 4, 2020
A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information. The company, Westech International, has a range of contracts with the military for everything from ongoing evaluation for the ballistic ...
- Lemon Duck Cryptominer Spreads through Covid-19 Themed Emails
June 3, 2020
Malware authors continue to take advantage of the coronavirus pandemic to propagate threats. In a recent related campaign, we have come across a PowerShell script (mailer script) that distributes the Lemon Duck cryptominer through a new propagation method: Covid-19-themed emails with weaponized attachments. These emails are delivered to all Microsoft Outlook contacts of the user of a ...
- Ransomware gangs team up to form extortion cartel
June 3, 2020
Ransomware gangs are teaming up to extort victims through a shared data leak platform, and the exchange of tactics and intelligence. In November 2019, the Maze Ransomware operators transformed ransomware attacks into data breaches after they released unencrypted data of a victim who refused to pay. Soon after, they launched a dedicated “Maze News” site used to shame their unpaid victims ...
- REvil ransomware creates eBay-like auction site for stolen data
June 2, 2020
The operators of the REvil ransomware have launched a new auction site used to sell victim’s stolen data to the highest bidder. REvil, otherwise known as Sodinokibi, is a ransomware operation that breaches corporate networks using exposed remote desktop services, spam, exploits, and hacked Managed Service Providers. Once established on a network, they quietly spread laterally through the company while stealing ...
- Amtrak discloses data breach, potential leak of customer account data
June 2, 2020
The National Railroad Passenger Corporation (Amtrak) has disclosed a data breach that may have resulted in the compromise of customer personally identifiable information (PII). The data breach was discovered on April 16, 2020. In a letter to the Attorney General’s Office of Vermont, made public on April 29, the rail service said that an unknown third party managed ...
- Minneapolis Police Department Hack Likely Fake, Says Researcher
June 1, 2020
As protests continue to proliferate across the globe in the wake of George Floyd’s death, the Minnesota Police Department is making news for something else: A supposed hack, perpetrated at the hands of the Anonymous hacktivist group. According to Troy Hunt at Have I Been Pwned (HIBP), the group of allegedly ill-gotten email addresses and passwords ...