Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Police Shut Down xDedic – An Online Market for Cyber Criminals
January 29, 2019
In an international operation involving law enforcement authorities from the U.S. and several European countries, feds have shut down an online underground marketplace and arrested three suspects in Ukraine. Dubbed xDedic, the illegal online marketplace let cybercriminals buy, sell or rent out access to thousands of hacked computers and servers across the world and personally identifiable ...
- Global ransomware could cost almost $200bn
January 29, 2019
A global ransomware attack could cost $193 billion and affect more than 600,000 businesses worldwide, according to a new report. The report is called ‘Bashe Attack: Global infection by contagious malware’ and has been compiled by a Singapore-based public-private initiative called Cyber Risk Management. Lloyds of London is one of the initiatives founding members and posted ...
- Hackers are going after Cisco RV320/RV325 routers using a new exploit
January 27, 2019
Security researchers have observed ongoing internet scans and exploitation attempts against Cisco RV320 and RV325 WAN VPN routers, two models very popular among internet service providers and large enterprises. ttacks started on Friday, January 25, after security researcher David Davidson published a proof-of-concept exploit for two Cisco RV320 and RV325 vulnerabilities. The vulnerabilities are: CVE-2019-1653 – allows a remote attacker to get sensitive device configuration details ...
- Malvertising campaign targets Apple users with malicious code hidden in images
January 24, 2019
Apple users continue to be some of the favorite targets of malvertising campaigns, according to a report published this week by cyber-security firm Confiant. The report describes a new malvertising group called VeryMal that’s been going after Apple users, with the latest campaigns employing steganography techniques to hide malicious code inside ad images to avoid detection. The Confiant report comes ...
- Bit-and-Piece DDoS Method Emerges to Torment ISPs
January 24, 2019
Perpetrators are using smaller, bit-and-piece methods to inject junk into legitimate traffic, causing attacks to bypass detection rather than sounding alarms with large, obvious attack spikes. A pioneering distributed denial-of-service (DDoS) attack pattern has emerged, targeting internet service providers (ISPs) with something researchers have dubbed the bit-and-piece “Mongol” attack. The approach involves spreading out junk traffic across ...
- Trojans lead siege on businesses for second year running
January 23, 2019
Security software firm Malwarebytes has released its annual ‘State of Malware 2019‘ report which analyses the prevalence of different forms of malware and shows how each type is being used to attack businesses and consumers. Following its quarterly report released in October, Malwarebytes report that for the second year in a row, Trojans are leading the siege on ...