Record Coupang fine, attack on Claude Code users, and other cybersecurity news
Record Coupang fine, attack on Claude Code users, and other cybersecurity news
https://forklog.com/en/record-coupang-fine-attack-on-claude-code-users-and-other-cybersecurity-news/
Publish Date: 2026-06-13 10:49:00
Source Domain: forklog.com
This week’s key cybersecurity news.
We compiled the week’s most important cybersecurity news.
- Microsoft disabled dozens of GitHub repositories after an attack on Claude Code users.
- Hacktivists targeted users in Ukraine via a WinRAR vulnerability.
- OpenClaw failed phishing tests.
- A disgruntled researcher continued a “war” with Microsoft after patches for earlier vulnerabilities.
Microsoft disabled dozens of GitHub repositories after attack on Claude Code users
Microsoft temporarily restricted access to dozens of its open-source repositories on GitHub after malware was inserted into code. Researchers at Cloudsmith and OpenSourceMalware reported the Miasma campaign.
At least 70 projects were affected, many of them related to the Azure platform. These included repositories with tools developers use in AI coding applications, including Claude Code, Gemini CLI, and VS Code.
According to the researchers, the malware targeted the theft of passwords and other sensitive credentials. It triggered when users opened the compromised tools.
Cloudsmith recommended the following defensive measures:
- immediately change SSH keys, GitHub tokens, passwords for cloud services (Azure/GCP), and access to automated build systems;
- look for hidden processes in code editors (VS Code), unknown AI utilities, and new unexplained folders (repositories) in the company’s GitHub;
- going forward, avoid downloading updates for third-party libraries from the internet. Create an approved software list and keep an inventory.
Microsoft spokesperson Ben Hope told TechCrunch the company temporarily removed some repositories to review potentially malicious content. Some have already been restored.
