Microsoft has temporarily removed access to dozens of its open source projects on GitHub while it investigates how hackers were apparently able to compromise the projects and add password-stealing malware to the code.

Many of the affected repositories are linked to Microsoft Azure and developer tools used with AI coding apps such as Claude Code, Gemini’s command line interface, and Visual Studio Code. The incident has raised concerns because these types of tools are often used by developers who may have access to sensitive credentials, cloud environments, and software systems.

Security firm Cloudsmith and the community malware analysis project OpenSourceMalware were among the first to report the issue. According to their findings, the malware was designed to steal passwords and other sensitive credentials when users opened the compromised tools inside their AI coding apps.

It is not yet clear how many people downloaded the affected tools before Microsoft removed access to the repositories.

Microsoft confirmed that it had pulled some repositories from GitHub as part of its investigation. Microsoft spokesperson Ben Hope told TechCrunch that the company had temporarily removed some repositories while it reviewed potential malicious content. He said some repositories have already been restored after review, while others may remain offline as the investigation continues.

Hope also said Microsoft has notified a small number of customers who may have downloaded content from the affected repositories. The company said it will continue investigating and will contact customers directly through its established support channels if further action is needed.


Microsoft has not publicly shared the exact number of affected customers. At least 70 Microsoft projects appear to have been disabled on GitHub. When trying to access some of the affected repository pages, users see a message saying that access has been disabled by GitHub staff due to a violation of GitHub’s terms of service.
