Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector
June 28, 2025
The FBI and cybersecurity firms are warning that the prolific hacking group known as Scattered Spider is now targeting airlines and the transportation sector. In a brief statement on Friday shared with TechCrunch, the FBI said it had “recently observed” cyberattacks resembling Scattered Spider to include the airline sector. Executives from Google’s cybersecurity unit Mandiant and ...
- AI Goes on Offense: How LLMs Are Redefining the Cybercrime Landscape
June 26, 2025
In their last blog, Rapid7 explored the broader rise of AI-enabled threats across ransomware, phishing, and nation-state operations. Now, they’re narrowing in on a specific piece of that evolution: how cybercriminals are using large language models to scale and automate their tactics. AI in cybersecurity is no longer experimental. It’s embedded in workflows, transforming everything from ...
- US, French authorities confirm arrest of BreachForums hackers
June 26, 2025
U.S. and French authorities have confirmed the arrests of five hackers accused of being behind several major hacks and being part of a notorious cybercrime forum. On Thursday, the U.S. Department of Justice announced the indictment of British national Kai West, 25, accusing him of being “a serial hacker” known as IntelBroker. U.S. authorities allege West ...
- Windows users warned of new ClickFlix-style social engineering attack
June 26, 2025
A new version of popular social engineering tool ClickFix has been developed, potentially putting Windows users at risk. A cybersecurity researcher who goes by the name mr. dox has developed a new version of ClickFix, a browser-based attack often disguised as captchas to trick victims into pressing a button which then copies a command to Windows ...
- Jailbroken AIs are helping cybercriminals to hone their craft
June 26, 2025
Cybercriminals are bypassing the guardrails that are supposed to keep AI models from carrying out criminal activities, according to researchers. We’ve seen the misuse of AI models by cybercriminals growing rapidly over the past several years, shaping a new era of digital threats. Early on, attackers focused on jailbreaking public AI chatbots, which meant they used ...
- Data possibly stolen and council services offline after Glasgow cyber attack
June 25, 2025
Glasgow City Council has warned that personal data may have been stolen in a cyber attack affecting its services. The local authority was alerted to malicious activity on servers managed by a third-party supplier on June 19. Due to affected servers being taken offline, a number of services are currently unavailable, including planning applications, paying parking ...