Microsoft Investigates Malware Injection in Open Source Repositories

Microsoft has temporarily disabled access to dozens of its open-source projects on GitHub following the discovery of malicious code injections. Security researchers identified that these repositories, which include tools for Azure and AI-integrated development environments like VS Code, were compromised to distribute password-stealing malware. By targeting these widely used utilities, attackers aimed to harvest sensitive credentials from developers who integrated the compromised code into their workflows.

This incident highlights the growing threat of supply chain attacks, where hackers infiltrate trusted software ecosystems to gain broad access to downstream users. The breach is particularly concerning because it targets developers working with high-value AI tools, potentially exposing cloud infrastructure and proprietary data. Microsoft has confirmed it is reviewing the affected repositories and has begun notifying customers who may have downloaded the malicious content, though the full scope of the exposure remains under investigation.

Notably, this marks the second time in recent weeks that Microsoft’s open-source infrastructure has been targeted, with reports suggesting a potential re-compromise of previously affected projects. The recurring nature of these breaches raises questions regarding the security protocols governing large-scale corporate repositories. As tech giants increasingly rely on open-source contributions, this event serves as a critical reminder of the vulnerabilities inherent in the software supply chain and the urgent need for more robust verification processes for code distribution.