Microsoft has restricted access to numerous open-source projects on GitHub amid an investigation into hacker activity that reportedly compromised these projects and integrated malware designed to steal passwords.
The projects impacted are primarily associated with Microsoft’s Azure cloud service and tools for AI development, including Claude Code, Gemini’s command line interface, and VS Code.
Security firm Cloudsmith and the malware analysis site OpenSourceMalware were among the first to detect the breach. They report that the malware enables hackers to access users’ passwords and sensitive credentials when the compromised tools are utilized in AI coding applications.
The number of users who have downloaded the compromised tools remains unclear.
Microsoft confirmed the removal of the repositories, as initially reported by 404 Media. A company spokesperson acknowledged receipt of emails regarding the issue but has not yet provided further comments.
According to messages displayed on GitHub, at least 70 Microsoft projects have been “disabled” due to violations of GitHub’s terms of service, preventing access to these repositories.
This incident is part of a growing trend in which hackers infiltrate high-profile open-source projects to install malware on users’ systems. Known as “supply chain” attacks, these breaches target widely used code, often leveraged in multiple software products, providing hackers access to cloud systems and extensive customer data.
While individual developers of open-source projects are frequently targeted by hackers, large tech companies like Microsoft are seldom breached due to their extensive resources for defense.
This marks the second breach Microsoft has experienced in recent weeks involving its open-source projects, as reported by Ars Technica. In mid-May, security researchers identified a compromise in Microsoft’s Durable Task project. OpenSourceMalware has characterized the latest incident as a “re-compromise” of the Durable Task project, implying that the initial hacker presence may not have been entirely eradicated or that this may represent a new breach.

