Microsoft’s open source tools were hacked to steal passwords of AI developers

2026-06-08 · Source: TechCrunch · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Fundamental Awareness, quick

Summary

Microsoft has temporarily disabled access to dozens of its open source projects on GitHub following a breach where hackers injected password-stealing malware. The affected projects, many related to Azure and AI development tools like Claude Code, Gemini's command line interface, and VS Code, allowed attackers to steal user credentials when opened. Security firms Cloudsmith and OpenSourceMalware first flagged the incident, which Microsoft confirmed, stating some repositories have been restored while others remain offline for investigation. This incident marks Microsoft's second known breach of open source projects in weeks, with OpenSourceMalware suggesting a "re-compromise" of the Durable Task project. This highlights a growing trend of "supply chain" attacks targeting widely used open source code, even from large tech giants.

Key takeaway

For AI Engineers and Software Engineers relying on open source tools, this incident underscores the critical need for enhanced supply chain security. You should immediately verify the integrity of any Microsoft open source projects you have integrated, especially those related to Azure or AI development apps like Claude Code or Gemini. Implement robust credential management, including multi-factor authentication, and consider sandboxing development environments to mitigate risks from compromised dependencies.

Key insights

Hackers are exploiting open source supply chains, even within major tech companies, to steal developer credentials.

Principles

• Open source projects, even from large vendors, are vulnerable to supply chain attacks.
• Credential-stealing malware is a primary objective in these breaches.
• Re-compromise indicates persistent threats or incomplete remediation.

In practice

• Monitor open source dependencies for unexpected code changes.
• Implement multi-factor authentication for all developer accounts.
• Regularly audit developer tools for signs of compromise.

Topics

• Open-Source Security
• Supply Chain Attacks
• Credential Theft
• GitHub Security
• Azure Development
• AI Development Tools

Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Engineer, Software Engineer, AI Security Engineer

Related on AIssential

• For the 2nd time in weeks, Microsoft packages laced with credential stealer — Supply chain attacks exploit trust models, not vulnerabilities, using compromised credentials to publish cryptographically verified malicious packages.
• Open-source security is a mess - IBM and Red Hat bet $5 billion and 20,000 engineers can fix it — AI-powered, human-validated initiatives can secure open-source software at scale, addressing escalating vulnerability reports.
• OpenAI Among the Companies Affected by TanStack Breach — Software supply chain attacks exploiting GitHub Actions can compromise open-source libraries and spread credential-stealing malware.
• GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK — Chained supply chain and AI agent vulnerabilities are actively exploited, bypassing traditional security measures.
• Delve did the security compliance on LiteLLM, an AI project hit by malware — Open-source projects face significant supply chain risks, even with security certifications.
• “Vercel Hack Exposed: How a Simple AI Tool Led to a $2M Data Breach” — The Vercel breach demonstrates how compromised third-party OAuth tokens can enable long-term, deep supply chain attacks.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by TechCrunch.