Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Bleeping Computer

Microsoft investigating claims of hacked source code repositories

Microsoft says they are investigating claims that the Lapsus$ data extortion hacking group breached their internal Azure DevOps source code repositories and stolen data. Unlike many extortion groups ...
Bleeping Computer

Here's how a researcher broke into Microsoft VS Code's GitHub

This month a researcher has disclosed how he broke into the official GitHub repository of Microsoft Visual Studio Code. A vulnerability in VS Code's issue management function and a lack of ...
CRN

SolarWinds Hackers Kept Going After Microsoft Until January

The SolarWinds hackers first viewed a file in a Microsoft source repository in November, and were able to download source code for its Azure, Exchange and Intune cloud-based products. The SolarWinds ...
CNBC

Microsoft's GitHub gives clients option to keep sensitive code in EU only, in data sovereignty push

Microsoft-owned developer platform GitHub on Tuesday said it is giving enterprise users the ability to store their sensitive software code in only European Union data centers. GitHub's data residency ...