Microsoft's AI Tools Hacked: Password Theft Nightmare for Developers

Microsoft disabled dozens of its open-source projects hosted on GitHub after hackers breached the repositories and injected password-stealing malware into the code.

At least 70 Microsoft projects have been disabled, with a message appearing on their GitHub pages: "Access to this repository has been disabled by GitHub Staff due to a violation of GitHub's terms of service."

The compromised tools related to Microsoft's cloud service Azure and developer platforms used for AI coding apps, including VS Code, Claude Code, and Google's Gemini command line interface. Security firm Cloudsmith and malware analysis site OpenSourceMalware were among the first to identify the breach.

The malware was designed to steal user passwords and sensitive credentials when developers opened the compromised tools in their AI coding apps.

Microsoft confirmed it pulled the repos and notified "a small number of customers" who may have downloaded the affected content. The company has not revealed how many people downloaded these poisoned tools or the full extent of the damage.

In a statement to TechCrunch, Microsoft spokesperson Ben Hope said the company has "temporarily removed some repositories as we investigated potential malicious content" and that "some of these repos have been restored after review, while others may remain offline while work continues."

This is Microsoft's second known breach in recent weeks targeting its open-source projects. The incidents demonstrate that even tech giants with substantial resources face supply chain attack risks.