Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Two botnets are fighting over control of thousands of unsecured Android devices
November 2, 2018
Two botnet gangs are fighting to take control over as many unsecured Android devices as they can to use their resources and mine cryptocurrency behind owners’ backs. The turf war between these two botnets –one named Fbot and the other named Trinity– has been going on for at least a month if we’re to combine the ...
- Utilities, Energy Sector Attacked Mainly Via IT, Not ICS
November 1, 2018
Stealing administrative credentials to carry out months-long spy campaigns is a top threat. While industrial control systems (ICS) are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report on Energy and ...
- Emotet malware gang is mass-harvesting millions of emails in mysterious campaign
October 31, 2018
A notorious malware family that has been on a resurgent path since last year has received a major update this week that will send shivers down any organization’s back. According to a report from Kryptos Logic shared earlier today with ZDNet, the Emotet malware family has started mass-harvesting full email messages from infected victims, starting yesterday. The Emotet group ...
- New SamSam ransomware campaign aims at targets across the US
October 30, 2018
SamSam ransomware is still plaguing organisations across the US, with fresh attacks against 67 new targets — including at least one involved with administering the upcoming midterm elections. The malware is designed in such a way that it in addition to encrypting files and data across target networks, it also goes after backups as a means ...
- Millions of Voter Records Up for Sale Ahead of the US Midterm Elections
October 30, 2018
As the US midterm elections close in, the underground markets appear to be flush with voter databases available for affordable prices. Voter information is rich with details that could help an attacker learn enough about the victim to steal their identity. Cybersecurity company Carbon Black, at least one market on the dark web lists for sale voter ...
- Malware Distributors Adopt DKIM to Bypass Mail Filters
October 25, 2018
In July 2018, US-CERT raised an alert regarding the Emotet banking trojan, which is also being used to distribute a secondary malware known as “Trickbot”. This alert provided recommendations on how businesses can mitigate their exposure to the Trojan. Unfortunately, it looks like criminals are also reading the US-CERT’s warnings as they have adopted new techniques ...