Microsoft’s open source tools were hacked to steal passwords of AI developers

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.
Bleeping Computer

CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool

A new threat actor known as CRYSTALRAY has significantly broadened its targeting scope with new tactics and exploits, now counting over 1,500 victims whose credentials were stolen and cryptominers ...
CSOonline

Known SSH-Snake bites more victims with multiple OSS exploitation

CRYSTALRAY, a threat actor known to have used Secure Shell (SSH) based malware to gain access into victim systems in the past, has scaled operations to over 1,500 victims using multiple open source ...
Bleeping Computer

New SSH-Snake malware steals SSH keys to spread across the network

A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. SSH-Snake was discovered by the Sysdig ...