415.tech
AI & tech, from the frontlines of Silicon Valley
Microsoft's second supply chain breach in weeks hits Azure, Claude Code, and VS Code repos

Hackers injected password-stealing malware into at least 70 Microsoft open source GitHub repos — Azure utilities, Claude Code integrations, Gemini CLI, and VS Code extensions — with Cloudsmith confirming this as a re-compromise of the Durable Task project, meaning the May cleanup left the attacker's foothold intact. Developers who pulled any of the affected packages before the repos were disabled may have exposed credentials to the attackers.

Source: techcrunch.com

As part of our investigation, we notified a small number of customers who may have pulled down content from the affected repositories.

Ben Hope, Microsoft

Why this matters

  • Developers using Azure, Claude Code, or VS Code may have exposed credentials to attackers.
  • Microsoft's second breach in weeks suggests attackers retained access after the May cleanup.
  • The supply chain attack affects widely used tools relied on by thousands of developers.