AIToday

73 Microsoft open-source packages compromised with credential-stealing malware; second supply-chain attack on Microsoft repository in two months

Ars Technica AI · 2d ago · 2 min read

3 Key Points

1. 73 packages from Microsoft were flagged as malicious after they were compromised to add credential-stealing code that triggers when developers open them in AI coding agents. GitHub disabled the packages citing a terms-of-service violation rather than flagging them as malicious; Microsoft did not acknowledge a potential compromise until Monday.

2. The 28 KB malware payload steals credentials for AWS, Azure, GCP, Kubernetes, password managers and more than 90 developer tool configurations, then spreads laterally through cloud infrastructure. The attack harvested OIDC (OpenID Connect) tokens used in SLSA provenance attestation (a method that provides cryptographically signed guarantees of software integrity) and was linked to the threat actor TeamPCP.

3. This is the second supply-chain attack to breach an official Microsoft repository in as many months. In mid-May, Microsoft's durabletask Python SDK (which receives 400,000 downloads per month) was compromised in a similar attack that used the same technique: stealing legitimate OIDC tokens to bypass the repository's build pipeline.
