SK Hynix Shares Surge on Hopes for Upcoming ADR Issuance 
SpaceX Insider Share Sale Values Company Near $800 Billion Amid IPO Speculation 
U.S.-EU Tensions Rise After $140 Million Fine on Elon Musk’s X Platform 
Mizuho Raises Broadcom Price Target to $450 on Surging AI Chip Demand 
Nvidia Develops New Location-Verification Technology for AI Chips 
US Charges Two Men in Alleged Nvidia Chip Smuggling Scheme to China 
Intel’s Testing of China-Linked Chipmaking Tools Raises U.S. National Security Concerns 
Microsoft Unveils Massive Global AI Investments, Prioritizing India’s Rapidly Growing Digital Market 
EU Court Cuts Intel Antitrust Fine to €237 Million Amid Long-Running AMD Dispute 
Moore Threads Stock Slides After Risk Warning Despite 600% Surge Since IPO 
Evercore Reaffirms Alphabet’s Search Dominance as AI Competition Intensifies 
Apple App Store Injunction Largely Upheld as Appeals Court Rules on Epic Games Case 
EssilorLuxottica Bets on AI-Powered Smart Glasses as Competition Intensifies 
China Adds Domestic AI Chips to Government Procurement List as U.S. Considers Easing Nvidia Export Curbs 
Trello Outage Disrupts Users as Access Issues Hit Atlassian’s Work Management Platform 
Trump Criticizes EU’s €120 Million Fine on Elon Musk’s X Platform 
IBM Nears $11 Billion Deal to Acquire Confluent in Major AI and Data Push 
Microsoft confirmed it has been tracking the Lapsus$ hacker group and released a set of recommendations for its customers on how to mitigate risks of being the next target. The company also confirmed that the group has gained “limited access” to some source codes of its products, but maintained that no customer code or data were involved in the cyber breach.
In a lengthy blog post published on Tuesday, Microsoft confirmed it has been actively monitoring the activities of the group, which it officially named DEV-0537. The tech giant noted that Lapsus$, per Microsoft’s observations in recent weeks, has employed social engineering and extortion campaigns against its targets.
Microsoft took note of the group’s claims of gaining access to its server, resulting in “exfiltrated portions of source code.” But the company assured its customers that their data and codes remain safe.
“No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access,” the company said. “Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.”
Microsoft confirmed the incident a couple of days after Lapsus$ had reportedly leaked the source code for Microsoft’s software products, including Bing and Cortana. Bleeping Computer reported that the group shared a screenshot on their Telegram channel on Sunday to prove it had accessed Microsoft’s Azure DevOps server.
Lapsus$ released 9GB worth of files on late Monday, which they claimed to be containing the source code of more than 250 Microsoft projects. The same report, however, noted that uncompressed files included around 37GB of source code from the company.
Meanwhile, Microsoft warned its customers and other companies that Lapsus$ had been openly recruiting employees of potential targets who would give them credentials and multifactor authentication details in exchange for money.
The company noted that the hacker group has been using a common form of social engineering attack. They reportedly use a compromised account that they would then bombard with MFA prompts before calling the target company’s IT help desk to request for the credentials to be reset. Before Microsoft, Lapsus$ made headlines after reportedly targeting Nvidia, Samsung, and Ubisoft.
Photo by Aktar Hossain on Unsplash
