AI coding agents exposed as Microsoft investigates malicious GitHub commits

09 June 2026 , 12:20
536     0
AI coding agents exposed as Microsoft investigates malicious GitHub commits
AI coding agents exposed as Microsoft investigates malicious GitHub commits

Microsoft took the highly unusual step of shutting down more than 70 of its own GitHub repositories after hackers pushed malware that would steal credentials from AI coding agent users.

As reported by 404 Media, Microsoft has shut down a wave of its own repositories on GitHub, including those related to Azure and AI coding agents, as it investigates a data breach.

According to cybersecurity researchers and a statement Microsoft gave to 404 Media, hackers planted malware designed to steal users’ credentials when repositories were opened in AI coding tools such as Claude Code or Gemini CLI.

The exact contours of the breach are unclear, but researchers say Microsoft has disabled more than 70 of its own repositories, and pointed to a particular package that was previously compromised.

“We have temporarily removed some repositories as we investigate potential malicious content,” Microsoft told 404 Media in an emailed statement on Monday.

At the time of writing, various GitHub repositories reads:

“This repository has been disabled. Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service. If you are the owner of the repository, you may reach out to GitHub Support for more information.” 

Last week, cybersecurity website OpenSourceMalware.com, which acts as a clearing house for indicators of supply chain attacks so defenders can secure their own networks, and which also publishes its own write-ups, wrote about the mass disabling of Microsoft GitHub repositories.

“GitHub disabled 73 Microsoft repositories across four of its GitHub organizations—the entire Azure Functions org, the whole Durable Task family, and a row of AI sample apps—in a 105-second sweep on June 5,” the website wrote on Friday.

Is it very unusual for any company, let alone Microsoft, to disable so many of its own repositories in one go. They include 49 related to Azure, Microsoft’s cloud computing arm, and some concerning AI agents. 

The shutdown repositories also include ones related to durabletask, a Microsoft development tool. 

Researchers from StepSecurity wrote on Friday that the GitHub closures came after a malicious commit was pushed to the durabletask repository. That attack planted configuration files that would harvest peoples’ credentials when they opened the repository in Claude Code, Gemini CLI, Cursor, or VS Code, StepSecurity wrote. 

Hackers from the group TeamPCP previously compromised Microsoft’s durabletask, publishing three malicious versions of the tool in May. TeamPCP has performed a wealth of supply chain attacks in the first half of this year, impacting hundreds of organizations, WIRED reported.

In practice, this means that any GitHub actions that used those repositories will no longer function. And coupled with the statement and research, indicates Microsoft did not fully protect itself and its users after the earlier compromise.

“Why is this mentioned nowhere?” one commentator on a Microsoft forum thread discussing one of the repository closures writes.

Editorial Team

James Smith

Editor-in-Chief

Cybersecurity, Azure platform, Malware, GitHub, Microsoft

Read more similar news:

03.02.2023, 14:08 • News
Inside quietest room in the world where no one can stay inside for over an hour
08.02.2023, 14:52 • More
Call of Duty could be removed from Microsoft's Activision deal
10.02.2023, 17:33 • More
Sony set on 'sabotaging' Microsoft's Activision buyout alleges Bobby Kotick
05.01.2023, 14:21 • News
Inside world's quietest room - where you can hear your bones grind and neck turn
11.01.2023, 15:01 • More
Xbox Game Pass January 2023: Monster Hunter Rise and Persona 4 lead the way
25.01.2023, 09:12 • More
Xbox Live is down along with Microsoft Teams, and Outlook
01.03.2023, 15:54 • More
Xbox Games with Gold March 2023: traverse eras in Truberbrook and more
08.03.2023, 15:33 • More
Starfield release date finally confirmed and it's later than we were promised
11.03.2023, 09:27 • Tech
Another nightmare for Windows PC users as millions get blocked from popular app
13.03.2023, 19:00 • More
GTA 6 may scrap content to sell as DLC later to make 2024 release