Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Discord hit by data breach after hackers strike support tickets
October 6, 2025
Discord has warned users it suffered a cyberattack which caused a potentially worrying data breach. In a data breach notification announcement posted on the company’s blog, Discord said a third party, providing customer support services, was breached. “The unauthorized party then gained access to information from a limited number of users who had contacted Discord through ...
- Hacking group claims theft of 1 billion records from Salesforce customer databases
October 3, 2025
A notorious predominantly English-speaking hacking group has launched a website to extort its victims, threatening to release about a billion records stolen from companies who store their customers’ data in cloud databases hosted by Salesforce. The loosely organized group, which has been known as Lapsus$, Scattered Spider, and ShinyHunters, has published a dedicated data leak site ...
- Cavalry Werewolf raids Russia’s public sector with trusted relationship attacks
October 2, 2025
BI.ZONE Threat Intelligence recorded Cavalry Werewolf activity from May to August 2025. In order to gain initial access, the attackers sent out targeted phishing emails disguising them as official correspondence from Kyrgyz government officials. The main targets of the attacks were Russian state agencies, as well as energy, mining, and manufacturing enterprises. Cavalry Werewolf relied ...
- UK: Renault and Dacia customer data stolen in third party cyber attack
October 2, 2025
Renault has become the most recent victim of a cyber attack. Customers of the French firm and its sister brand Dacia have been warned that their personal data, including postal addresses and emails, has been stolen by hackers. In an email sent out to customers, Renault said: “We are very sorry to inform you about a ...
- Red Hat confirms major data breach after hackers claim mega haul
October 2, 2025
Red Hat has confirmed suffering a potentially serious data breach, but the company said it was not able to verify hacker claims of stolen customer secrets. A hacking group called Crimson Collective claims to have accessed Red Hat’s private GitHub repositories, and exfiltrated approximately 570GB of different files from 28,000 internal projects. Among the files were ...
- This new phishing kit turns PDF files into malware
October 1, 2025
A new PDF phishing kit is being sold on the dark web, promising customers advanced features, a simple interface, and competitive pricing, experts have warned. Security researchers from Varonis spotted MatrixPDF, an advanced solution being advertised as a legitimate tool, despite being circulated around the dark web. Its full name is MatrixPDF: Document Builder – Advanced ...