Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Australian Health Insurance-Themed Spam Spreads Ursnif
April 21, 2020
Trend Micro researchers encountered a spam campaign referencing the Australian health insurance brand Medicare. The attachment, which Trend Micro detects as Trojan.X97M.URSNIF.THDAEBO, downloads the malicious file (detected as TrojanSpy.Win32.URSNIF.THDAEBO). The campaign aims to spread the spyware Ursnif, also known as Gozi. The email headers pertain to payment transactions with the words “Statement,” “Invoice,” or “Transaction,” and include a ...
- Cognizant hit by ‘Maze’ ransomware attack
April 19, 2020
Cognizant Technology Solutions Corp on Saturday said it was hit by a “Maze” ransomware cyber attack, resulting in service disruptions for some of its clients. The information technology services provider said it was taking steps to contain the incident, with the help of cyber defense companies, and has also engaged with law enforcement authorities. Ransomware is a ...
- German government might have lost tens of millions of euros in COVID-19 phishing attack
April 18, 2020
The government of North Rhine-Westphalia, a province in western Germany, is believed to have lost tens of millions of euros after it failed to build a secure website for distributing coronavirus emergency aid funding. The funds were lost following a classic phishing operation. Cybercriminals created copies of an official website that the NRW Ministry of Economic Affairs had set ...
- Financial Cyberthreats in 2019
April 16, 2020
Financial cyberthreats are malicious programs that target users of services such as online banking, e-money, and cryptocurrency, or that attempt to gain access to financial organizations and their infrastructure. These threats are usually accompanied by spam and phishing activities, with malicious users creating fake financial-themed pages and emails to steal victims’ credentials. In order to study ...
- RagnarLocker ransomware hits EDP energy giant, asks for €10M
April 14, 2020
Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or €9.9M). EDP Group is one of the largest European operators in the energy sector (gas and electricity) and the world’s 4th largest producer of wind energy. The company is present ...
- Malicious Attackers Target Government and Medical Organizations With COVID-19 Themed Phishing Campaigns
April 14, 2020
Despite prior reporting by various sources indicating that some cyber threat attacker activity may subside in some respects during the COVID-19 pandemic, Unit 42 has observed quite the opposite with regard to COVID-19 themed threats, particularly in the realm of phishing attacks. While the various COVID-19 themed phishing campaigns observed by Unit 42 are numerous, this blog ...