BleepingComputer · Tuesday · June 9, 2026

GitHub disables Microsoft repos pushing password-stealing malware

github · malware · supply-chain · microsoft

GitHub took down several Microsoft-owned repositories that were found to be distributing password-stealing malware. The repositories, which appeared to be legitimate Microsoft projects, were used to push malware designed to steal user credentials. The exact number of affected repos and the duration of the compromise have not been disclosed. This incident underscores the vulnerability of even trusted accounts to supply-chain attacks, as attackers can leverage the reputation of well-known organizations to distribute malicious code. Developers who cloned or forked these repositories may have been exposed to the malware, potentially compromising their own credentials and systems. GitHub has not released details on how the repositories were compromised or whether the attackers exploited any specific vulnerabilities. The incident serves as a reminder that all repositories, regardless of their origin, should be treated with caution, and that code from any source should be reviewed and verified before execution.

// why it matters

Even trusted Microsoft repos can be compromised, highlighting supply-chain risks for developers.

Sources

Primary · BleepingComputer
Mirror · The Hacker News