Microsoft’s open source tools were hacked to steal passwords of AI developers

Microsoft has cut off access to dozens of its open-source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.

Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.

According to security firm Cloudsmith and community-driven malware analysis site OpenSourceMalware, which were among the first to flag the hack, the malware allowed the hackers to steal a user’s passwords and other sensitive credentials when the user opened the compromised tools in their AI coding apps.

It’s not immediately known how many people have downloaded the affected tools.

Microsoft confirmed it pulled the repos, as first reported by 404 Media.

Microsoft spokesperson Ben Hope told TechCrunch that the company has “temporarily removed some repositories as we investigated potential malicious content.”

“Some of these repos have been restored after review, while others may remain offline while work continues.”

“As part of our investigation, we notified a small number of customers who may have pulled down content from the affected repositories. We will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels,” added Hope.

Microsoft did not immediately provide the specific number of customers affected, when asked by TechCrunch.

At least 70 projects belonging to Microsoft have been “disabled,” according to a message that loads when trying to access the projects’ pages on GitHub, a code-hosting site that Microsoft owns. The message reads: “Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service.”
