Microsoft shuts down its open source projects hosted on GitHub as it investigates a data breach
Recently, it was reported that hackers have breached Microsoft’s open source projects and have injected password-stealing malware into AI coding tools like Claude Code or Gemini CLI. The malware allowed the hackers to steal the users’ passwords and other sensitive credentials when they opened the compromised tools in their coding apps.
Microsoft is currently investigating this data breach, due to which the company has shut down a wave of its own repositories on GitHub. According to the company’s statement (via 404 Media), “We have temporarily removed some repositories as we investigate potential malicious content.”
Reportedly, Microsoft is said to have disabled 73 repositories across 4 GitHub organisations – Azure, Azure-Samples, Microsoft and MicrosoftDocs in 105 seconds. It is not yet clear how many users have been affected due to the hacking.
But Microsoft spokesperson Ben Hope has said to TechCrunch, “As part of our investigation, we notified a small number of customers who may have pulled down content from the affected repositories. We will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels.”
Last month, Microsoft’s open source project Durable Task, a tool that helps developers build apps, was hacked, and recently it was revealed that in this month’s breach, the Durable Task Project has been re-compromised.
Stay tuned with The Tech Outlook for the latest tech updates.
