RSS

Microsoft's open source tools were hacked to steal passwords of AI developers

raffael_de2 pts0 comments

Microsoft's open source tools were hacked to steal passwords of AI developers | TechCrunch

SearchSubmit

Site Search Toggle

Mega Menu Toggle

Topics

Latest

AI

Amazon

Apps

Biotech & Health

Climate

Cloud Computing

Commerce

Crypto

Enterprise

EVs

Fintech

Fundraising

Gadgets

Gaming

Google

Government & Policy

Hardware

Instagram

Layoffs

Media & Entertainment

Meta

Microsoft

Privacy

Robotics

Security

Social

Space

Startups

TikTok

Transportation

Venture

More from TechCrunch

Staff

Events

Startup Battlefield

StrictlyVC

Newsletters

Podcasts

Videos

Partner Content

TechCrunch Brand Studio

Crunchboard

Contact Us

Image Credits: Tim Heitman / Getty Images

Security

Microsoft’s open source tools were hacked to steal passwords of AI developers

Zack Whittaker

1:03 PM PDT · June 8, 2026

Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.

Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.

According to security firm Cloudsmith and community-driven malware analysis site OpenSourceMalware, which were some of the first to flag the hack, the malware allowed the hackers to steal the users’ passwords and other sensitive credentials when they opened the compromised tools in their AI coding apps.

It’s not immediately known how many people have downloaded the affected tools.

Microsoft confirmed it pulled the repos, as first reported by 404 Media.

Microsoft spokesperson Ben Hope told TechCrunch that the company has "temporarily removed some repositories as we investigated potential malicious content."

"Some of these repos have been restored after review, while others may remain offline while work continues."

"As part of our investigation, we notified a small number of customers who may have pulled down content from the affected repositories. We will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels,” added Hope.

Microsoft did not immediately provide the specific number of customers affected, when asked by TechCrunch.

At least 70 projects belonging to Microsoft have been "disabled," per a message loading when trying to access the projects’ pages on GitHub, a code-hosting site that Microsoft owns. "Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service."

Image Credits: TechCrunch/screenshot

This is the latest example in recent months of hackers breaching widely popular open source projects with the aim of planting malware on a large number of users who have the code installed on their computers. These hacks are known as "supply chain" attacks as they target code that is often used in a large number of software products, or by a specific kind of user, which may be advantageous to hack as they sometimes have access to cloud systems and large amounts of customers’ data.

While it’s not uncommon for sole developers of open source projects to be targeted by hackers — in some cases as part of long-running efforts to gain the trust of the developer — it is rare for large tech giants like Microsoft, which have the resources to defend against these kinds of attacks, to get breached.

This is Microsoft’s second known breach over the past few weeks that has allowed hackers to compromise its open source projects, per Ars Technica. In mid-May, security researchers said that Microsoft’s open source project Durable Task, a tool that helps developers build apps, was hacked. OpenSourceMalware said that Microsoft’s latest incident is a "re-compromise" of the Durable Task project, suggesting that Microsoft may not have eradicated the hackers on its first attempt or an entirely new, distinct breach.

Updated with comment from Microsoft.

Topics

Claude, cybersecurity, data breach, gemini, GitHub, Microsoft, open source, Security

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Zack Whittaker

Security Editor

Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security.

He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at zack.whittaker@techcrunch.com.

View Bio

June 18

Los Angeles

Get an inside look at what it takes to scale and succeed from leaders at Mach Industries, Founders Fund, and Shinkei Systems. Through candid fireside chats and high-impact networking, you’ll walk away with valuable insights and new connections.

REGISTER NOW

Most Popular

WWDC 2026: Everything announced on Siri AI, iOS 27, Apple...

microsoft open source techcrunch security projects

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini

Agent Memory: An Anatomy

brgsk17 ptsmemory library user agent semantic libraries
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.