{"id":3559,"date":"2026-06-08T15:50:35","date_gmt":"2026-06-08T15:50:35","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/"},"modified":"2026-06-08T15:50:35","modified_gmt":"2026-06-08T15:50:35","slug":"microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/","title":{"rendered":"Microsoft Hacked to Deliver Malware to Claude and Gemini Users"},"content":{"rendered":"<p>Microsoft has shut down a wave of its own repositories on GitHub, including those related to Azure and AI coding agents, as it investigates a data breach, according to research from cybersecurity researchers and a statement given to 404 Media by Microsoft. Hackers planted malware that would harvest people\u2019s credentials when they opened it in AI coding tools like Claude Code or Gemini CLI, according to one set of researchers. The exact contours of the breach are unclear, but researchers say Microsoft has disabled more than 70 of its own repositories, and pointed to a particular package that was previously compromised. \u201cWe have temporarily removed some repositories as we investigate potential malicious content,\u201d Microsoft told 404 Media in an emailed statement on Monday. At the time of writing, various GitHub repositories read: \u201cThis repository has been disabled. Access to this repository has been disabled by GitHub Staff due to a violation of GitHub&#8217;s terms of service. 
If you are the owner of the repository, you may reach out to GitHub Support for more information.\u201d\u00a0Last week, cybersecurity website OpenSourceMalware.com, which acts as a clearing house for indicators of supply chain attacks so defenders can secure their own networks, and which also publishes its own write-ups, wrote about the mass disabling of Microsoft GitHub repositories. \u201cGitHub disabled 73 Microsoft repositories across four of its GitHub organizations\u2014the entire Azure Functions org, the whole Durable Task family, and a row of AI sample apps\u2014in a 105-second sweep on June 5,\u201d the website wrote on Friday. It is very unusual for any company, let alone Microsoft, to disable so many of its own repositories in one go. They include 49 related to Azure, Microsoft\u2019s cloud computing arm, and some concerning AI agents.\u00a0The shutdown repositories also include ones related to durabletask, a Microsoft development tool.\u00a0Researchers from StepSecurity wrote on Friday that the GitHub closures came after a malicious commit was pushed to the durabletask repository. That attack planted configuration files that would harvest people\u2019s credentials when they opened the repository in Claude Code, Gemini CLI, Cursor, or VS Code, StepSecurity wrote.\u00a0Hackers from the group TeamPCP previously compromised Microsoft\u2019s durabletask, publishing three malicious versions of the tool in May. TeamPCP has performed a wealth of supply chain attacks in the first half of this year, impacting hundreds of organizations, WIRED reported. In practice, this means that any GitHub actions that used those repositories will no longer function. 
And, coupled with the statement and research, it indicates Microsoft did not fully protect itself and its users after the earlier compromise. \u201cWhy is this mentioned nowhere?\u201d one commentator on a Microsoft forum thread discussing one of the repository closures writes.<\/p>\n","protected":false},"excerpt":{"rendered":"<div>Microsoft took the highly unusual step of shutting down more than 70 of its own GitHub repositories after hackers pushed malware that would steal credentials from AI coding agent users.<\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[1,90,13],"tags":[3],"class_list":["post-3559","post","type-post","status-publish","format-standard","hentry","category-ai-and-ml","category-cybersecurity","category-news","tag-ai"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Microsoft Hacked to Deliver Malware to Claude and Gemini Users - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Hacked to Deliver Malware to Claude and Gemini Users - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"Microsoft took the highly unusual step of shutting down 
more than 70 of its own GitHub repositories after hackers pushed malware that would steal credentials from AI coding agent users.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-08T15:50:35+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"Microsoft Hacked to Deliver Malware to Claude and Gemini Users\",\"datePublished\":\"2026-06-08T15:50:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/\"},\"wordCount\":454,\"keywords\":[\"AI\"],\"articleSection\":[\"AI and 
ML\",\"Cybersecurity\",\"News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/\",\"name\":\"Microsoft Hacked to Deliver Malware to Claude and Gemini Users - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"datePublished\":\"2026-06-08T15:50:35+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Hacked to Deliver Malware to Claude and Gemini Users\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures 
Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Microsoft Hacked to Deliver Malware to Claude and Gemini Users - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Hacked to Deliver Malware to Claude and Gemini Users - Imperative Business Ventures Limited","og_description":"Microsoft took the highly unusual step of shutting down more than 70 of its own GitHub repositories after hackers pushed malware that would steal credentials from AI coding agent users.","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-06-08T15:50:35+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"Microsoft Hacked to Deliver Malware to Claude and Gemini Users","datePublished":"2026-06-08T15:50:35+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/"},"wordCount":454,"keywords":["AI"],"articleSection":["AI and ML","Cybersecurity","News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/","name":"Microsoft Hacked to Deliver Malware to Claude and Gemini Users - Imperative Business Ventures 
Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"datePublished":"2026-06-08T15:50:35+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/08\/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"Microsoft Hacked to Deliver Malware to Claude and Gemini Users"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures 
Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/3559","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=3559"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/3559\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=3559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=3559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=3559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}