
Microsoft’s open source tools hacked to steal AI developers’ passwords

Microsoft has cut off access to its open source projects hosted on GitHub as it investigates whether hackers breached the projects and inserted password-stealing malware into the code.

Many of the affected projects are related to Microsoft’s Azure cloud service and other tools used by developers to write AI development applications, such as Claude Code, Gemini’s command line interface, and VS Code.

According to security firm Cloudsmith and community-run malware analysis site OpenSourceMalware, which were among the first to flag the hack, the malware allowed hackers to steal users’ passwords and other sensitive credentials when those users opened the compromised tools in their AI code applications.

It was not immediately known how many people downloaded the affected tools.

Microsoft has confirmed that it has pulled the repos, as first reported by 404 Media.

Microsoft spokesman Ben Hope told TechCrunch that the company has “temporarily removed the repositories as we investigate potentially malicious content.”

“Some of these sites have been restored after the update, while others may remain offline while the work continues.”

“As part of our investigation, we have notified a small number of customers who may have withdrawn content from the affected repositories. We will continue to investigate, and if anything else is identified that requires customer action, we will reach out directly through our established support channels,” added Hope.

Microsoft did not immediately provide a specific number of affected customers, when asked by TechCrunch.

At least 70 Microsoft projects have been “disabled,” per a message that loads when you try to access the projects’ pages on GitHub, a Microsoft-owned code hosting site. “Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service.”


This is the latest example in recent months of hackers breaking into popular open source projects with the aim of planting malware on the computers of the many users who have the code installed. These hacks are known as “supply chain” attacks because they target code that is commonly used in a large number of software products, or by a specific type of user who may be profitable to hack, since such users sometimes have access to cloud systems and large amounts of customer data.

While it is common for individual developers of open source projects to be targeted by hackers – in some cases as part of a long-term effort to gain developer trust – it is not uncommon for large technology giants such as Microsoft, which have resources to defend against these types of attacks, to be breached.

This is Microsoft’s second known breach in the past few weeks that has allowed hackers to compromise its open source projects, according to Ars Technica. In mid-May, security researchers said Microsoft’s open source project Durable Task, a tool that helps developers build apps, was hacked. OpenSourceMalware said Microsoft’s latest incident was a “re-compromise” of the Durable Task project, suggesting either that Microsoft may not have ejected the hackers on its first attempt or that the breach was entirely new.

Updated with comments from Microsoft.

