Jensen Huang Urges Taiwan Suppliers to Boost AI Chip Production Amid Surging Demand 
SpaceX Seeks FCC Approval for Massive Solar-Powered Satellite Network to Support AI Data Centers 
SpaceX Updates Starlink Privacy Policy to Allow AI Training as xAI Merger Talks and IPO Loom 
Apple Faces Margin Pressure as Memory Chip Prices Surge Amid AI Boom 
Nvidia’s $100 Billion OpenAI Investment Faces Internal Doubts, Report Says 
Rewardy Wallet and 1inch Collaborate to Simplify Multi-Chain DeFi Swaps with Native Token Gas Payments 
Advantest Shares Hit Record High on Strong AI-Driven Earnings and Nvidia Demand 
Sam Altman Reaffirms OpenAI’s Long-Term Commitment to NVIDIA Amid Chip Report 
Sandisk Stock Soars After Blowout Earnings and AI-Driven Outlook 
Federal Judge Signals Possible Dismissal of xAI Lawsuit Against OpenAI 
SoftBank and Intel Partner to Develop Next-Generation Memory Chips for AI Data Centers 
Elon Musk’s SpaceX Acquires xAI in Historic Deal Uniting Space and Artificial Intelligence 
Microsoft AI Spending Surge Sparks Investor Jitters Despite Solid Azure Growth 
Apple Earnings Beat Expectations as iPhone Sales Surge to Four-Year High 
Microsoft confirmed it has been tracking the Lapsus$ hacker group and released a set of recommendations for its customers on how to mitigate risks of being the next target. The company also confirmed that the group has gained “limited access” to some source codes of its products, but maintained that no customer code or data were involved in the cyber breach.
In a lengthy blog post published on Tuesday, Microsoft confirmed it has been actively monitoring the activities of the group, which it officially named DEV-0537. The tech giant noted that Lapsus$, per Microsoft’s observations in recent weeks, has employed social engineering and extortion campaigns against its targets.
Microsoft took note of the group’s claims of gaining access to its server, resulting in “exfiltrated portions of source code.” But the company assured its customers that their data and codes remain safe.
“No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access,” the company said. “Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.”
Microsoft confirmed the incident a couple of days after Lapsus$ had reportedly leaked the source code for Microsoft’s software products, including Bing and Cortana. Bleeping Computer reported that the group shared a screenshot on their Telegram channel on Sunday to prove it had accessed Microsoft’s Azure DevOps server.
Lapsus$ released 9GB worth of files on late Monday, which they claimed to be containing the source code of more than 250 Microsoft projects. The same report, however, noted that uncompressed files included around 37GB of source code from the company.
Meanwhile, Microsoft warned its customers and other companies that Lapsus$ had been openly recruiting employees of potential targets who would give them credentials and multifactor authentication details in exchange for money.
The company noted that the hacker group has been using a common form of social engineering attack. They reportedly use a compromised account that they would then bombard with MFA prompts before calling the target company’s IT help desk to request for the credentials to be reset. Before Microsoft, Lapsus$ made headlines after reportedly targeting Nvidia, Samsung, and Ubisoft.
Photo by Aktar Hossain on Unsplash
