GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...

NFCShare Android malware spreads via fake banking app updates on GitHub

New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on ...

Powerful AI is making facial recognition better at identifying you

If you are fortunate enough to have a ticket to an event at Madison Square Garden in New York – say, an NBA Finals game – one ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. In recent months, Microsoft Threat ...