Microsoft has suffered its second major supply-chain attack in weeks, with 73 verified open-source packages compromised to include credential-stealing malware. The malicious code activates when developers use AI coding agents to open the packages, and it targets credentials from AWS, Azure, GCP, Kubernetes, and over 90 developer tools. This follows a similar incident in May, in which Microsoft's durabletask Python SDK, which receives 400,000 monthly downloads, was compromised.
Background
Supply chain attacks target software distribution channels to compromise multiple users at once, with recent incidents highlighting the vulnerability of open-source ecosystems. Microsoft's developer tools and packages are widely used in the industry, making them high-value targets for attackers.
- Source: Ars Technica
- Published: Jun 9, 2026 at 02:34 AM
- Score: 8.0 / 10