Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Researchers Find New Twists In ‘Olympic Destroyer’ Malware
February 14, 2018
Researchers have uncovered new wrinkles in the “Olympic Destroyer” malware attack that targeted the Winter Olympics in Pyeongchang, South Korea. Cisco Talos researchers now believe the malware also wipes files on shared network drives. Originally researchers believed the malware only targeted single endpoints. Researchers also now believe the credentials-stealing component of the malware is more dynamic than originally ...
- Unicode Technique Used to Deliver Cryptomining Malware Through Telegram
February 13, 2018
Attackers are using the time-tested right-to-left override technique to deliver cryptomining malware through the popular Telegram messaging application, say researchers. The right-to-left (RLO) technique uses Unicode to hide malicious file names and trick users into executing what appear to be benign files. It is a tactic that enables malware authors to hide the real name of ...
- PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack
February 12, 2018
The Pyeongchang Winter Olympics taking place in South Korea was disrupted over the weekend following a malware attack before and during the opening ceremony on Friday. The cyber attack coincided with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of ...
- UK Government website offline after hack infects thousands more worldwide
February 11, 2018
More than 5,000 websites have been hacked to force visitors’ computers to run software that mines a cryptocurrency similar to Bitcoin. Users loading the websites of the Information Commissioner’s Office, the Student Loans Company, as well as the council websites for Manchester City, Camden, and Croydon – and even the homepage of the United States Courts ...
- Crucial iPhone source code posted in unprecedented leak
February 8, 2018
Critical, top secret Apple code for the iPhone’s operating system was posted on Github, opening a new, dangerous avenue for hackers and jailbreakers to access the device, Motherboard reported. The code, known as “iBoot,” has since been pulled, but Apple may have confirmed it was the real deal when it issued a DMCA takedown to Github, as Twitter user ...
- A Faraday cage or air gap can’t protect your device data from these two cyberattacks
February 8, 2018
Two common methods of physical cybersecurity, air gapping and Faraday cages, have been found breachable in two papers released by researchers from Ben-Gurion University. Faraday cages are grounded cages made of electrically conductive material that can completely block electromagnetic fields and signals. Air-gapped computers are those completely isolated from outside networks and signals. Air-gap setups commonly include Faraday ...