Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops
October 9, 2019
trend Micro discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively operating on 3,126 online shops. Our data shows that the attack started on September 7, 2019. All of the impacted online shops are hosted on the cloud platform of the e-commerce service provider “Volusion,” one of the top e-commerce platforms in the market. ...
- The Value of Dark Web Coverage for Third-Party Risk Management
October 9, 2019
Everyone knows that a key ingredient to an effective third-party risk program is comprehensive, high-quality risk information. This includes details on supply chain risk, financial risk, legal risk, cyber risk, and more. With growing third-party ecosystems, it’s easier said than done for risk management teams to collect, organize, and prioritize their own risk information along ...
- Alabama Hospitals Pay Up in Ransomware Attack
October 7, 2019
An Alabama hospital system has paid its attackers in a ransomware attack that knocked its systems offline on Oct. 1. Officials at the DCH Health System didn’t say how much the hospitals paid for the decryption key, but noted that they have started a “methodical” process of system restoration. “We have been using our own DCH backup ...
- White-hat hacks Muhstik ransomware gang and releases decryption keys
October 7, 2019
A user got his revenge on the ransomware gang who encrypted his files by hacking their server and releasing the decryption keys for all other victims. This happened earlier today and involved the Muhstik gang. Muhstik is a recent strain of ransomware that has been active since late September, according to reports . This ransomware targets network-attacked ...
- Report: Nation state hackers and cyber criminals are spoofing each other
October 4, 2019
Nation-state hackers and cyber criminals are increasingly impersonating each other to try and hide their tracks as part of advanced attack techniques says Optiv Security in its 2019 Cyber Threat Intelligence Estimate report. The top industries being targeted are retail, healthcare, government and financial institutions. Cryptojacking and ransomware are new exploits that join the traditional list of computer ...
- FBI’s new ransomware warning: Don’t pay up, but if you do, tell us about it
October 3, 2019
After a spate of ransomware attacks on government organizations, the FBI has come up with a new stance on paying up ransomware demands. The latest groups to be targeted by high-value ransomware attacks are hospital organizations in Alabama, USA, and Victoria, Australia. Both resulted in hospitals turning away non-critical patients as employees worked to restore IT systems. The attacks on ...