Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Over 485,000 Ubiquiti devices vulnerable to new attack
February 4, 2019
Ubiquiti Networks is working on a fix for a newly discovered security issue affecting its devices that attackers have been exploiting since July last year. The issue impacts over 485,000 devices, according to an internet scan conducted by US cyber-security firm Rapid7. Mass-exploitation attacks were first spotted last week by Jim Troutman, co-founder of internet exchange point ...
- Collections #2-5 unearthed with 2.2 billion unique records now exposed online
February 1, 2019
Researchers have established that more than 600GB of personal information is circulating online after finding a monster cache of four additional ‘Collection’ folders. The Collection #1 leak discovered earlier this month was considered one of the largest leakages of personal data in history, with more than 773 million unique email addresses, and 22 million passwords, found ...
- Metro Bank targeted with 2FA-bypassing SS7 attacks
February 1, 2019
Metro Bank has reportedly fallen victim to a sophisticated two-factor authentication (2FA) bypass attack after hackers infiltrated a telecoms firm’s text messaging protocol. The Signalling Systems No. 7 (SS7) protocol is used by telecom firms to coordinate how texts and calls are routed around the world. But according to Motherboard, hackers are more actively exploiting SS7, and ...
- Prepare to Defend Your Network Against Swarm-as-a-Service
January 31, 2019
Swarm technology may be a game changer for the bad guys if organizations don’t change their tactics. The digital world we now inhabit creates unprecedented opportunities – both for good and for ill. One of these possibilities is swarm-based tools that can be used to either attack or defend the network. This possibility, or set of possibilities, ...
- Theoretical Ransomware Attack Could Lead to Global Damages Says Report
January 29, 2019
According to a speculative cyber risk scenario prepared by Cambridge University for risk management purposes, a ransomware strain that would manage to impact more than 600,000 businesses worldwide within 24 hours would potentially lead to damages of billions not covered by insurers. First of all, it is important to understand that although the numbers look very scary, this type of ...
- Users of illegal websites targeted in joint law-enforcement activity
January 29, 2019
The National Crime Agency, working with law enforcement partners from 14 countries, has taken action against a number of cyber criminals website users linked to four million attacks across the globe. This latest action is part of Operation Power Off, which pursues those individuals and services responsible for committing or facilitating DDoS (Distributed Denial of Service) ...