// GitHubHIGH
Microsoft disabled dozens of GitHub repositories after discovering password-stealing malware injected into open-source projects. The compromised projects, primarily related to Azure and AI development tools, exposed user credentials. Attackers distributed the malware to steal developer passwords and sensitive information. Microsoft confirmed the incident and restored some repositories after review while others remained offline. This represents a supply-chain attack targeting widely used open-source projects.
- Hackers exploit Microsoft open-source software to steal AI devel(opens in a new tab)
- Microsoft investigates breach of open-source projects after malw(opens in a new tab)
- Microsoft Open Source Security Breach, Dozens of GitHub Repos Pu(opens in a new tab)
- Microsoft GitHub Breach: How Malicious Code Targeted Artificial (opens in a new tab)
// Get alerts for GitHub