Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.
Microsoft

Exposing Fox Tempest: A malware-signing service operation

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...

GitHub confirms 'hacking' attack; says: We detected and contained a compromise of an employee device involving a poisoned

GitHub has confirmed a cyberattack after a threat actor claimed to be selling stolen company data. The breach involved ...