Microsoft is exposed to a new security risk as hackers may have managed to place malware inside some of its open-source projects on GitHub. These codes are designed to steal passwords and login credentials from popular developers who use AI coding tools.
The data breach has drawn major attention since many developers trust and use open-source software every day. When a trusted project is hit by a malware attack, the problem becomes far more complicated. Cybersecurity researchers have already reported the weaknesses to Microsoft, and since then, the tech giant has been quick enough to remove affected repositories. Microsoft is also reviewing the extent of the attack.
Data breaches and malware attacks are not new threats for companies like Microsoft. These tech and AI giants often face data breach trying to steal sensitive information from their internal systems.
According to reports, in the latest attack, hackers have managed to place malicious code inside dozens of GitHub repositories linked to Microsoft's open-source ecosystem. Some of these projects were used by developers building software and AI applications.
Most of the malicious repositories are connected to Azure and other developer tools through AI coding applications like Claude Code, Gemini CLI, and Visual Studio Code. Thus, users who have developed and run those tools and apps have unknowingly compromised passwords and other important credentials.
According to reports, the malware is designed to collect passwords, access tokens, and other login details. As soon as Microsoft received the update, the company took down dozens of its open-source projects from GitHub.
The company spokesperson, Ben Hope, told Techcrunch that an investigation has already underway, and they have notified a small number of customers who may have pulled down content from the affected repositories. “We will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels,” he added.
Open-source software has become a big part of AI development. Many companies use public tools and code libraries to save time and speed up their work. The problem is that a single infected project can affect many people. A single repository may be used by thousands of developers around the world. If harmful code gets inside, the impact can spread quickly.
AI developers are especially dependent on shared tools. Many projects rely on code created by outside contributors. Hackers understand this. Instead of attacking companies one by one, they can target a widely used project and reach many victims at once.
Also Read: Top Cybersecurity Programming Languages to Learn in 2026
For developers, the first step is checking whether they downloaded code from affected repositories. It is also a good idea to review recent activity on accounts and systems. Security experts recommend changing passwords, replacing access keys, and checking for unusual logins. Teams should also look for files or code changes they do not recognize.
Finding a problem early can help limit the damage. Even if no signs of an attack appear, reviewing security settings is worth the effort. The rise of scams makes it important for developers to conduct thorough checks and regular security reviews.