Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- GandCrab ransomware and Ursnif virus spreading via MS Word macros
January 21, 2019
Security researchers have discovered two separate malware campaigns, one of which is distributing the Ursnif data-stealing trojan and the GandCrab ransomware in the wild, whereas the second one is only infecting victims with Ursnif malware. Though both malware campaigns appear to be a work of two separate cybercriminal groups, we find many similarities in them. Both attacks start from phishing ...
- New Phobos ransomware exploits weak security to hit targets around the world
January 21, 2019
A prolific cybercrime gang behind a series of ransomware attacks is distributing a new form of the file-encrypting malware which combines two well known and successful variants in a series of attacks against businesses around the world. Dubbed Phobos by its creators, the ransomware first emerged in December and researchers at CoveWare have detailed how it shares a number of ...
- Cumbria health trust hit by 147 cyber attacks in five years
January 19, 2019
The NHS in Cumbria has been hit by more than 150 cyber attacks in five years, the BBC can reveal. Of these, 147 were directed at University Hospitals of Morecambe Bay NHS Trust (UHMBT), which runs hospitals in Barrow, Kendal, Morecambe and Lancaster. The trust said it had spent £29,600 in 2017 dealing with the effects of ...
- New Android Malware Apps Use Motion Sensor to Evade Detection
January 18, 2019
Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware research ...
- Massive Collection #1 leak exposes 773m unique records online
January 17, 2019
Nearly 2.7 billion records containing up to 800 million unique email addresses and more than 21 million unique passwords have been compromised and published online. The massive data leak, dubbed Collection #1, is made up of individual breaches from “literally thousands of different sources”, according to security researcher Troy Hunt, who announced his findings in a blog ...
- NanoCore Trojan is protected in memory from being killed off
January 16, 2019
The NanoCore Remote Access Trojan (RAT) is being spread through malicious documents and uses an interesting technique to keep its process running and prevent victims from manually killing the system, researchers say. The cybersecurity team from Fortinet recently captured a sample relating to the spread of NanoCore RAT in the form of a malicious Microsoft Word document. Developed in ...