Microsoft Projects Hacked: AI Developers Targeted

Microsoft has temporarily restricted access to dozens of open-source projects on the GitHub platform. This was caused by hackers placing malware designed to steal passwords into the project code. The company is currently investigating the details of this cyberattack. According to Techcrunch.com reports .

Most of the affected projects relate to tools designed for working with the Microsoft Azure cloud service and AI applications. In particular, specialists writing code through programs such as Claude Code, the Gemini command panel interface, and VS Code are at risk. Cloudsmith and OpenSourceMalware security services were among the first to detect this breach.

Experts note that the malicious code allowed the theft of passwords and other confidential data when developers opened these tools in their AI applications. It is not yet clear how many users downloaded this dangerous code. Microsoft representatives confirmed that at least 70 projects on GitHub had their operations suspended due to violations of the terms of service.

This incident is another example of "supply chain" attacks. In such attacks, hackers target popular code used in many software products. Through this, they aim to gain access to the devices of highly qualified specialists who have access rights to cloud systems and large volumes of customer data.

This is the second major security issue for Microsoft in recent weeks. In mid-May, reports emerged that the company's Durable Task project had also been breached. Experts believe the new attack indicates that the previous threat was not fully eliminated or that hackers employed new, more sophisticated methods.