Microsoft GitHub Repos Disabled After Malware Injection in AI Developer Tools

Microsoft disabled access to at least 70 GitHub repositories containing open-source Azure and AI coding tools after hackers injected password-stealing malware, as reported by TechCrunch on June 8, 2026, citing Cloudsmith and OpenSourceMalware detections. Microsoft spokesperson Ben Hope confirmed temporary removal of repositories and notification of affected customers. The incident targeted tools including VS Code extensions and interfaces for Claude and Gemini. Microsoft's prior breach of the Durable Task project in mid-May 2025 was described by OpenSourceMalware as a re-compromise, per Ars Technica coverage of the same repositories. GitHub staff messages on affected pages cited violations of terms of service. No download counts or specific customer numbers were released by Microsoft. Supply-chain attacks on open-source projects have previously affected credential-harvesting in developer environments, as documented in 2023-2025 incidents tracked by OpenSourceMalware. The current case involved multiple Microsoft-owned repos linked to AI workflows, with malware activated on tool launch.