Back to News
techcrunch.com 18 hours ago URGENCY: 7/10

Microsoft's Open-Source Tools Hacked: Passwords Stolen

Microsoft's open-source projects on GitHub were hacked, leading to the theft of passwords from AI developers. Discover how this breach impacts users and what Microsoft is doing to address the situation.

Share
Microsoft's Open-Source Tools Hacked: Passwords Stolen

Overview of the Breach

Microsoft has temporarily disabled access to numerous open-source projects on GitHub after discovering a significant security breach. Hackers injected password-stealing malware into the code, targeting tools related to Microsoft’s Azure cloud service and popular AI development applications like Claude Code and VS Code.

According to security experts, the malware compromised user credentials when developers interacted with the affected tools. Microsoft has confirmed that it is investigating the incident and has notified a select group of customers who may have downloaded the compromised content.

  • Key points of the breach include:
  • Over 70 Microsoft projects have been disabled on GitHub.
  • The malware targets users with access to sensitive data.
  • This incident follows another breach involving Microsoft's Durable Task project.
As the investigation continues, Microsoft is working to restore some repositories while ensuring the safety of its users. This incident highlights the growing threat of supply chain attacks in the tech industry, even for major players like Microsoft.
Share
Source: Read Original ↗