Microsoft has cut off access to dozens of its open-source projects hosted on GitHub due to a security breach. The affected projects, many of which relate to Microsoft's cloud service Azure, were found to contain password-stealing malware.
The malware allowed hackers to steal user passwords and other sensitive credentials when they opened the compromised tools in their AI coding apps. At least 70 Microsoft projects have been disabled on GitHub, with a message indicating that access was disabled due to a violation of GitHub's terms of service.
This incident is the latest example of hackers targeting open-source projects to plant malware on a large number of users' computers. It is also Microsoft's second known breach in recent weeks, following a similar incident involving the company's open-source project Durable Task.
