All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
Bluesky
Twitter
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Microsoft shuts down GitHub repositories after hackers inject password-stealing malware into Azure and AI developer tools

By

Zack Whittaker

7d ago· 4 min readenNews
Bagel score 85 of 100
85/100
Golden Brown
Bagelometer

The bagel they save for the regulars. Don't skim, savour.

Score85TypenewsSentimentnegative

Summary

Microsoft was forced to shut down dozens of its open source GitHub repositories after hackers breached the projects and injected password-stealing malware into the code. The affected projects primarily relate to Microsoft's Azure cloud service and AI development tools like Claude Code, Gemini's CLI, and VS Code. Security firm Cloudsmith and OpenSourceMalware flagged the hack, which targeted AI developers by embedding credential-stealing malware in the code repositories.

Key quotes

· 3 pulled
Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft's cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini's command line interface, and VS Code.
According to security firm Cloudsmith and community-driven malware analysis site OpenSourceMalware, which were some of the first to flag the hack, the malware allowed the hackers to
Snippet from the RSS feed
Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.

You might also wanna read

Microsoft Hacked to Deliver Malware to Claude and Gemini Users

404media.co·6d ago

Microsoft shuts down 70+ GitHub repos after Miasma malware infection, begins restoring them

Microsoft was forced to shut down over 70 GitHub repositories after a self-replicating malware campaign called Miasma infected them with pas

neowin.net·6d ago

Microsoft open source packages compromised with credential-stealing malware targeting AI coding agents

Dozens of cryptographically verified open source packages from Microsoft were compromised to include advanced credential-stealing code that

arstechnica.com·7d ago

GitHub Disables 73 Microsoft Repositories After Miasma Worm Attack

On June 5, GitHub disabled 73 Microsoft-owned repositories after the Miasma worm (a variant of Mini Shai-Hulud) infiltrated projects across

briefly.co·6d ago

Miasma Worm Compromises Microsoft Azure Repositories, GitHub Auto-Disables 73 Packages

Supply chain attacks continue to plague the software ecosystem, with Microsoft's own open source Azure repositories being automatically disa

hackaday.com·2d ago

Supply Chain Attack via Malicious Commit Hits 73 Microsoft GitHub Repositories

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit was discovered in an Azure project, part of a supply chain atta

ow.ly·6d ago