Microsoft Hacked to Deliver Malware to Claude and Gemini Users (www.404media.co)

Microsoft has initiated the shutdown of over 70 of its GitHub repositories, including those related to Azure and AI coding tools, following a significant data breach that allowed hackers to deliver malware to users of AI coding platforms like Claude Code and Gemini CLI. Cybersecurity researchers noted that the malware was designed to harvest user credentials, raising serious concerns about supply chain security, especially for a company like Microsoft. The repositories were temporarily disabled after a malicious commit was identified, which led to the implementation of security measures to protect users and investigate the breach. This incident underscores the vulnerabilities present within AI and cloud computing ecosystems, as compromised coding tools can jeopardize the security of numerous organizations. The closure of these repositories, particularly within the Azure Functions and Durable Task families, has rendered existing GitHub actions inoperable, prompting questions about Microsoft's risk management and user protection strategies. As the investigation continues, this breach highlights the need for enhanced security protocols in the development and deployment of AI tools, given the rising sophistication of supply chain attacks.