
13 Jun 2026


Microsoft GitHub supply chain attack 2026: What to do now

Microsoft GitHub supply chain attack 2026: follow these steps to secure your credentials and dev tools

Microsoft cut access to dozens of GitHub repos after attackers slipped credential‑stealing malware into popular developer tools. This guide explains the Microsoft GitHub supply chain attack 2026, what was hit, who is at risk, and the exact steps you should take now to check, contain, and recover. Microsoft disabled access to at least 70 open source projects on GitHub while it investigated malicious code planted in some repos. Early reports from Cloudsmith and OpenSourceMalware say the malware tried to steal passwords and other secrets when developers opened or used the compromised tools inside AI coding apps, including Claude Code, Gemini’s command line tool, and Visual Studio Code. Microsoft said some repos are now restored, others are still offline, and a “small number” of customers were notified. This comes weeks after a separate breach of Microsoft’s Durable Task project, which some researchers say may have been re‑compromised.

What happened in the Microsoft GitHub supply chain attack 2026

Attackers gained access to some Microsoft‑owned open source repos and injected credential‑stealing malware. When developers cloned, installed, or opened the affected tools, the malware attempted to exfiltrate passwords, tokens, and other credentials. GitHub then disabled many of the repos due to terms of service violations while Microsoft reviewed and cleaned them up.

What got hit

– Projects tied to Azure and cloud development workflows
– Tools and integrations often used with AI coding apps (Claude Code, Gemini CLI, VS Code)
– Prior incident linked to the Durable Task open source project

Exact download counts are unknown. Risk varies by which repo and version you used and when you pulled it.

Why this matters

– It is a supply chain attack. One poisoned repo can reach many devs fast.
– Developer machines often hold powerful secrets. A single stolen token can open cloud accounts and CI/CD pipelines.
– Big vendors are not immune. Due diligence and verification still matter, even for “official” sources.

Are you affected?

You should assume exposure if any of the following has been true since mid‑May 2026:

– You cloned or updated Microsoft repos that tie to Azure or AI development.
– You installed or updated VS Code extensions, CLIs, or SDKs linked to the disabled repos.
– You used Claude Code or Gemini CLI that pulled Microsoft tools recently.
– You see unusual sign‑ins, token use, or repo actions in your logs.

If you touched code tied to the Microsoft GitHub supply chain attack 2026, treat your developer machine and its secrets as potentially compromised until proven clean.

What to do now: fast triage and containment

1) Isolate and inspect endpoints

– Stop using suspected tools and repos.
– Disconnect affected machines from the network if you see signs of compromise.
– Run a full AV/EDR scan. If malware is found, consider a clean rebuild from a trusted image or backup.

2) Rotate and revoke secrets

– Change passwords for your accounts and admin users.
– Revoke and replace GitHub PATs, SSH keys, deploy keys, and OAuth tokens.
– Rotate Azure secrets: service principal credentials, storage keys, access keys, and connection strings.
– Invalidate tokens used by CI/CD, package publishing, and automation.
– Re‑enroll MFA if you suspect session theft.

3) Audit your accounts and logs

– GitHub: check audit logs, recent token use, new OAuth app grants, and branch protection changes.
– Azure/Entra ID: review sign‑ins, activity logs, role changes, and key usage.
– Cloud and GitHub alerts: look for new repositories, webhooks, or runners you did not create.

4) Notify and document

– Alert your security team.
– Inform stakeholders if secrets could affect customer data or infrastructure.
– Preserve logs for investigation.
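One way to work through the step 3 GitHub checklist offline, as an added example that is not part of the original article: the script filters an exported audit log for token activity, OAuth grants, branch protection changes, webhooks, new repositories and new runners inside the exposure window. It assumes a JSON-lines export with `@timestamp` (epoch milliseconds), `actor` and `action` fields, uses 15 May 2026 as a stand-in for "mid‑May", and runs on constructed sample events.

```python
import json
from datetime import datetime, timezone

# Audit-log action prefixes mapped to the checklist item they cover.
WATCH = {
    "personal_access_token.": "token activity",
    "oauth_authorization.": "OAuth app grant",
    "org.oauth_app_access_approved": "OAuth app grant",
    "protected_branch.": "branch protection change",
    "hook.": "webhook change",
    "repo.create": "new repository",
    "repo.register_self_hosted_runner": "new runner",
    "org.register_self_hosted_runner": "new runner",
}
# Assumed start of the exposure window ("mid-May 2026" in the article).
SINCE = datetime(2026, 5, 15, tzinfo=timezone.utc)

def triage(lines, since=SINCE):
    """Return sorted (iso_time, actor, action, reason) for watched events at or after `since`."""
    findings = []
    for raw in lines:
        try:
            ev = json.loads(raw)
            ts = datetime.fromtimestamp(ev["@timestamp"] / 1000, tz=timezone.utc)
        except (ValueError, KeyError, TypeError):
            continue  # blank, truncated or malformed line: skip it and keep hunting
        action = ev.get("action", "")
        reason = next((r for p, r in WATCH.items() if action.startswith(p)), None)
        if reason and ts >= since:
            findings.append((ts.isoformat(), ev.get("actor", "<unknown>"), action, reason))
    return sorted(findings)

def _ev(month, day, actor, action):  # builds one constructed sample line
    ms = int(datetime(2026, month, day, tzinfo=timezone.utc).timestamp() * 1000)
    return json.dumps({"@timestamp": ms, "actor": actor, "action": action})

SAMPLE = [  # constructed events, not real log data
    _ev(4, 20, "alice", "hook.create"),  # before the window
    _ev(6, 1, "alice", "hook.create"),
    _ev(6, 2, "ci-bot", "repo.register_self_hosted_runner"),
    _ev(6, 2, "bob", "git.clone"),  # not on the watch list
    _ev(6, 3, "alice", "protected_branch.destroy"),
    '{"action": "hook.cre',  # truncated line
]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(*row, sep="  ")
```

Every hit still needs a human decision: a stolen token acts under its owner's name, so a familiar actor is not evidence that an event is benign.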

Reinstall with trust: verify before you run

Get clean sources

– Only download from repos that Microsoft has restored or from official release pages.
– Avoid mirrors or forks unless you can verify integrity.

Verify authenticity

– Check signed releases and verify signatures (for example, GPG or Sigstore/cosign when offered).
– Validate checksums (SHA‑256) against official release notes.
– Prefer package manager provenance and attestations when available.

Control versions

– Pin exact versions and maintain lockfiles.
– Disable auto‑updates for critical dev tools until advisories clear.
– Test updates in a sandbox before rolling out.
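A sketch of the checksum and pinning advice above, added here and not taken from the article or from any Microsoft tooling: it checks each downloaded file against a pinned SHA‑256 list in `sha256sum` format and treats anything without a pin as a failure. File names, versions and contents are constructed for the demonstration.

```python
import hashlib
import hmac
import os
import re
import tempfile

# sha256sum line: 64 hex chars, a space, then ' ' (text) or '*' (binary), then the name
PIN_LINE = re.compile(r"([0-9a-fA-F]{64}) [ *](.+)")

def parse_pins(text):
    """Parse a pinned checksum list into {filename: digest}; reject malformed lines."""
    pins = {}
    for line in filter(None, map(str.strip, text.splitlines())):
        m = PIN_LINE.fullmatch(line)
        if not m:
            raise ValueError(f"malformed pin line: {line!r}")
        pins[m.group(2)] = m.group(1).lower()
    return pins

def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so large archives are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify(path, pins):
    """Return 'ok', 'mismatch' or 'unpinned'; only 'ok' is safe to install."""
    expected = pins.get(os.path.basename(path))
    if expected is None:
        return "unpinned"  # fail closed: no pin means no install
    return "ok" if hmac.compare_digest(sha256_file(path), expected) else "mismatch"

def demo():
    """Constructed case: one clean file, one changed after pinning, one never pinned."""
    good = b"release 1.4.2 contents\n"
    files = {"tool-1.4.2.tgz": good, "sdk-2.0.0.tgz": b"altered\n", "extra.tgz": b"x"}
    pins = parse_pins(
        f"{hashlib.sha256(good).hexdigest()}  tool-1.4.2.tgz\n"
        f"{hashlib.sha256(b'original').hexdigest()} *sdk-2.0.0.tgz\n")
    with tempfile.TemporaryDirectory() as d:
        for name, data in files.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        return {n: verify(os.path.join(d, n), pins) for n in files}

if __name__ == "__main__":
    print(demo())
```

A checksum only proves the file matches the pin, so the pin list itself has to come from a channel the attacker did not control, such as signed release notes.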

Reduce future exposure

Harden identities and secrets

– Enforce 2FA/passkeys for GitHub and cloud.
– Use fine‑grained, short‑lived tokens and remove unused scopes.
– Store secrets in a managed secret vault, not in env files or code.

Contain the blast radius

– Use non‑admin user accounts for daily dev work.
– Run tools in isolated containers, devcontainers, or VMs.
– Restrict egress with network allowlists for build and dev hosts.

Secure the software supply chain

– Require two reviewers for code changes in critical repos.
– Enable Dependabot alerts, secret scanning, and code scanning in GitHub.
– Use private artifact repositories or registries with malware scanning and provenance checks.
– Track SBOMs for key apps and monitor for vulnerable components.

Since the Microsoft GitHub supply chain attack 2026 shows how fast trusted channels can be abused, build verification into your normal workflow, not just during a crisis.

What Microsoft has said and what to watch

Microsoft said it removed some repositories while it investigated, restored a portion after review, and is contacting a small number of potentially affected customers. At least 70 repos showed as disabled by GitHub during the response. This follows a mid‑May breach of the Durable Task project, which some researchers call a re‑compromise.

Keep an eye on:

– Microsoft Security Response Center advisories
– GitHub security advisories for restored projects
– Updates from Cloudsmith and OpenSourceMalware on indicators of compromise

A clear advisory from Microsoft should include which repos, versions, and time windows were affected and any indicators you can hunt for. Until then, use the steps above to reduce risk.

The bottom line: Treat developer systems as high‑value targets. Verify sources, rotate secrets, and contain tools. With quick action and stronger guardrails, you can cut the impact of the Microsoft GitHub supply chain attack 2026 and be better prepared for the next attempt.

(Source: https://techcrunch.com/2026/06/08/microsofts-open-source-tools-were-hacked-to-steal-passwords-of-ai-developers/)


FAQ

Q: What was the Microsoft GitHub supply chain attack 2026?
A: The Microsoft GitHub supply chain attack 2026 involved attackers gaining access to some Microsoft-owned open source repositories on GitHub and injecting credential-stealing malware into developer tools and integrations. When developers cloned, installed, or opened the compromised tools the malware attempted to exfiltrate passwords, tokens, and other credentials, and GitHub disabled many repos while Microsoft reviewed them.

Q: Which Microsoft projects and developer tools were affected?
A: Affected projects included repositories tied to Azure and cloud development workflows and tools used with AI coding apps, such as Claude Code, Gemini’s command line interface, and Visual Studio Code. The incident also follows a mid-May breach of the Durable Task project that some researchers call a re-compromise.

Q: How can I tell if I was exposed to the compromised code?
A: You should assume exposure if you cloned or updated Microsoft repos tied to Azure or AI development, installed or updated VS Code extensions or CLIs linked to the disabled repositories, or used Claude Code or Gemini CLI that pulled Microsoft tools since mid-May 2026. Also look for unusual sign-ins, token use, or unexpected repo actions in your logs as indicators of compromise.

Q: What immediate containment steps should I take if I suspect compromise?
A: Stop using suspected tools, disconnect affected machines from the network if you see signs of compromise, and run a full AV/EDR scan; if malware is found consider a clean rebuild from a trusted image or backup. Rotate and revoke secrets such as passwords, GitHub PATs, SSH keys, and cloud credentials, and invalidate tokens used by CI/CD and automation.

Q: Which secrets and credentials should I rotate after this attack?
A: Rotate passwords and re-enroll MFA if you suspect session theft, and revoke GitHub Personal Access Tokens, SSH keys, deploy keys, and OAuth tokens. Also rotate Azure secrets including service principal credentials, storage and access keys, connection strings, and invalidate tokens used by CI/CD and automation.

Q: How should I reinstall or update developer tools safely after the incident?
A: Only download from Microsoft repos that have been restored or from official release pages, avoid unverified mirrors or forks, and verify signed releases or attestations such as GPG or Sigstore/cosign when offered. Validate checksums (SHA-256), pin exact versions, disable auto-updates for critical tools until advisories clear, and test updates in a sandbox before rolling out.

Q: What long-term changes can reduce risk of future supply-chain compromises?
A: Harden identities and secrets by enforcing two-factor authentication or passkeys, using fine-grained short-lived tokens, and storing secrets in managed vaults rather than in code or env files. Limit blast radius by using non-admin accounts, running tools in isolated containers or VMs, restricting egress for build hosts, and improving supply-chain hygiene with code reviews, Dependabot, secret and code scanning, provenance checks, private registries, and SBOM tracking.

Q: What has Microsoft said about the situation and what should I monitor next?
A: Microsoft said it temporarily removed some repositories while investigating, restored some after review, and notified a small number of potentially affected customers, while at least 70 repos appeared disabled by GitHub staff during the response. Watch Microsoft Security Response Center advisories, GitHub security advisories for restored projects, and updates from Cloudsmith and OpenSourceMalware for indicators of compromise.
