Github security mess
Hal Murray
halmurray at sonic.net
Tue Jun 16 06:02:13 UTC 2026
In case you haven't seen in yet
Microsoft's open source tools were hacked to steal passwords of AI
developers
https://techcrunch.com/2026/06/08/microsofts-open-source-tools-were-hacked
-to-steal-passwords-of-ai-developers/
Microsoft has cut off access to dozens of its open source projects hosted
on GitHub as it investigates how hackers apparently breached the projects
and injected password-stealing malware into the code.
Many of the affected projects relate to Microsoft\u2019s cloud service
Azure and other tools used by developers to code with AI development apps,
such as Claude Code, Gemini\u2019s command line interface, and VS Code.
According to security firm Cloudsmith and community-driven malware
analysis site OpenSourceMalware, which were some of the first to flag the
hack, the malware allowed the hackers to steal the users\u2019 passwords
and other sensitive credentials when they opened the compromised tools in
their AI coding apps.
--
These are my opinions. I hate spam.
More information about the devel
mailing list