Microsoft’s Open Source Under Fire! Massive Hacking Targeting AI Developers’ Passwords

📰 News Summary

• Microsoft has blocked access to over 70 open-source projects hosted on GitHub for investigation.
• It has been discovered that hackers infiltrated these projects and injected malware designed to steal passwords and confidential information.
• The tools affected include major resources used by AI developers, such as Azure-related tools, Claude Code, Gemini CLI, and VS Code.

💡 Key Points

• This attack is classified as a “supply chain attack,” directly targeting developers who have access to cloud systems and customer data through trusted development tools.
• It’s highly unusual for a giant like Microsoft to be hacked twice within a few weeks.
• Notably, the “Durable Task” project has faced its second breach since mid-May, indicating that initial countermeasures were either insufficient or that new vulnerabilities were exploited.

🦈 Shark’s Eye (Curator’s Perspective)

The contamination of tools used at the forefront of AI development is a massive deal, akin to being “bitten from behind”! What stands out is that agent-based tools like Claude Code and Gemini CLI—crucial for AI development in 2026—are the targets here. Hackers are zeroing in on the authentication details of developers as they code at lightning speed using AI. The fact that a titan like Microsoft has allowed a repeat breach on the same project in such a short span suggests that the attack methods are either highly sophisticated or relentless. In an era where we’re deeply integrating AI into our development environments, we need to be more vigilant than ever when adopting new tools!

🚀 What Lies Ahead?

Until Microsoft completes a thorough audit of all repositories, many open-source projects will remain offline. It’s certain that security standards for development environments will be significantly strengthened, including signature verification for the distribution of development tools and restrictions on the credentials accessible to AI agents.

💬 A Word from Haru Shark

It’s terrifying to think our trusted tools could be tainted! Developers, be extra cautious with updates from suspicious repositories right now! Shark out!

📚 Glossary

• Supply Chain Attack: A method of attack that exploits vulnerabilities in the software manufacturing and distribution process (supply chain) to deliver malware to end-users.

• Repository (Repo): A storage location for program code and its change history.

• Credentials: A collective term for information that proves one’s identity and grants access, including passwords, IDs, and API keys.

• Source: Microsoft’s open source tools were hacked to steal passwords of AI developers