
Microsoft GitHub repos hit by malware aimed at AI coding tools
404 Media reported that Microsoft shut down more than 70 of its own GitHub repositories. The report says hackers planted malware meant to steal credentials when users opened the code in AI coding tools such as Claude Code or Gemini CLI. Microsoft said it is investigating a data breach, and the full scope is still unclear.
Key points
- Microsoft disabled more than 70 of its own GitHub repositories.
- Researchers said the planted malware targeted credentials from AI coding tool users.
- Claude Code and Gemini CLI were named in the report.
- Microsoft said it is investigating a data breach.
- Check unfamiliar repositories and install scripts before opening them with an AI agent.
Quick term guide
- GitHub repositories: Online project folders that store code and related files.
- GitHub repo: A project folder on GitHub where code and related files are stored.
- repositories: Places where a project’s code and related files are stored.
- credentials: Secret keys or tokens used to access an account or service.
- AI coding tools: Programs like Claude, Cursor, or ChatGPT that write code for you when you describe what you want in plain language.
- AI coding tool: Software that uses AI to help write, edit, or explain code.
- Solo makers: People who build and launch their own products or services entirely on their own.
- install scripts: Commands that can run automatically when software is installed.