70 Microsoft GitHub Repos Disabled After Hackers Inject Password-Stealing Malware

techcrunch.com · @market_structure · 3 hours ago · Cybersecurity · 3 comments

Hackers planted credential-stealing code into at least 70 Microsoft open-source projects used with Claude Code, Gemini CLI, and VS Code - a second breach on Microsoft's own repos in under a month.

Tags: microsoft, github, azure, claude code, gemini, supply chain attack

Microsoft owns GitHub. Microsoft’s own open-source repos on that platform just got pwned — and the malware was designed to steal passwords from AI developers. At least 70 projects are now disabled, with a notice reading “Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service.”

The Attack Targeted Tools AI Developers Actually Use

Security researchers at Cloudsmith and community analysts at OpenSourceMalware caught the injection. The malware specifically targeted credentials when a developer opened the compromised tools inside apps like Claude Code, Gemini’s command-line interface, and VS Code. These aren’t random libraries — they’re the daily drivers for anyone building on Azure or using Microsoft’s AI toolchains.

A Microsoft spokesperson acknowledged receipt of the inquiry but declined immediate comment. The repos remain locked down as of publication.

A Supply-Chain Shot That Hit the Supply Chain’s Landlord

Supply-chain attacks on open-source projects are common — lone maintainers get phished, creds get stolen, malicious commits slip in. It’s rare for a company with Microsoft’s security budget and GitHub ownership to get hit on its own code. That’s exactly what happened here, and this isn’t the first time in recent weeks.

According to Ars Technica, Microsoft’s Durable Task project — a tool for building distributed apps — was compromised in mid-May. OpenSourceMalware now describes this latest incident as a “re-compromise” of that same project. Either Microsoft didn’t fully clean the initial breach, or the attackers found a new way back in. Neither explanation is reassuring.

What This Means for Anyone Running AI Dev Tooling

If you downloaded any Microsoft open-source tool — especially anything tied to Azure, Durable Task, or AI coding assistants — since mid-May, assume the binary you ran may have shipped with credential stealers. The number of affected downloads is unknown, but the exposed surface is large: dozens of repos, each potentially cloned thousands of times.

The sobering takeaway is that even the company that hosts the world’s largest open-source code repository can’t keep its own supply chain clean. Expect more detailed security advisories from Microsoft once the investigation concludes.


Source: Microsoft's open source tools were hacked to steal passwords of AI developers
Domain: techcrunch.com
