Microsoft's GitHub tools hacked, stealing AI developer passwords

Microsoft has disabled over 70 open-source projects on GitHub following a security breach where hackers injected malware to steal passwords. The compromised tools, many related to Azure and AI development, targeted developers using applications like Claude Code and Gemini. This incident marks the second known breach of Microsoft's open-source projects in recent weeks, raising concerns about supply chain attacks. The attackers exploited widely used code to gain access to sensitive credentials, highlighting vulnerabilities even within large tech companies' development infrastructure.