Microsoft's open source tools were hacked to steal passwords of AI developers

Original link: https://techcrunch.com/2026/06/08/microsofts-open-source-tools-were-hacked-to-steal-passwords-of-ai-developers/

Microsoft has temporarily taken dozens of its GitHub repositories offline after discovering that their code had been compromised by hackers and implanted with password-stealing malware. The affected projects include tools related to Azure, VS Code and AI development interfaces, and could have allowed attackers to steal users' sensitive credentials.

Security researchers have classified this as a "supply chain" attack, in which malicious code is embedded in widely used software so that it reaches a large number of downstream users. This is the second time in recent weeks that Microsoft's open source projects have been compromised; reports indicate the incident may be a re-compromise of a previously attacked project, raising concerns about the effectiveness of the company's initial remediation.

Microsoft has confirmed that it removed the repositories in question for investigation and has begun notifying affected customers. Although some repositories have since been restored, others remain offline while the company continues its security audit. Given Microsoft's standing as a major technology company, the breach is particularly notable and highlights the growing fragility of large-scale open source supply chains in the face of sophisticated cyberattacks.

Recent reports indicate that several Microsoft open source repositories were hit by a "supply chain attack" aimed squarely at AI development tools. The intrusion involved the "Miasma" worm, which spreads through automated dependencies by injecting malicious configuration into integrated development environments (IDEs) such as VS Code and into various AI-integrated coding environments.

The discussion on Hacker News focused on serious weaknesses in modern software development practice. Commenters argued that the industry's over-reliance on "vibe coding", that is, rapid AI-driven code generation without rigorous review, has created a dangerous attack surface. Because workflows are automated and complex dependencies are treated as "black boxes", developers inadvertently allowed the worm to spread across local machines, CI/CD pipelines and cloud environments.

Many participants criticized Microsoft's security culture and lack of transparency, noting that Microsoft's platforms have now become the central vector for these attacks. While some proposed solutions such as stronger sandboxing, isolated development environments and manual code audits, others saw this as a systemic collapse of the current "move fast and break things" security model. Developers broadly agreed that the industry must shift toward more rigorous, isolated, security-first workflows to counter these increasingly automated and pervasive threats.

Original article

Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.

Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.

According to security firm Cloudsmith and community-driven malware analysis site OpenSourceMalware, which were some of the first to flag the hack, the malware allowed the hackers to steal the users’ passwords and other sensitive credentials when they opened the compromised tools in their AI coding apps.

It’s not immediately known how many people have downloaded the affected tools.

Microsoft confirmed it pulled the repos, as first reported by 404 Media.

Microsoft spokesperson Ben Hope told TechCrunch that the company has “temporarily removed some repositories as we investigated potential malicious content.”

“Some of these repos have been restored after review, while others may remain offline while work continues.”

“As part of our investigation, we notified a small number of customers who may have pulled down content from the affected repositories. We will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels,” added Hope.

Microsoft did not immediately provide the specific number of customers affected, when asked by TechCrunch.

At least 70 projects belonging to Microsoft have been “disabled,” per a message shown when trying to access the projects’ pages on GitHub, a code-hosting site that Microsoft owns: “Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service.”

[Screenshot: a disabled GitHub repository page reading “This repository has been disabled. Access to this repository has been disabled by GitHub Staff due to a violation of GitHub's terms of service. If you are the owner of the repository, you may reach out to GitHub Support for more information.” Image credit: TechCrunch/screenshot]

This is the latest example in recent months of hackers breaching widely popular open source projects with the aim of planting malware on the large number of users who have the code installed on their computers. These hacks are known as “supply chain” attacks because they target code that is used in many software products, or by a specific kind of user; such users are attractive targets because they sometimes have access to cloud systems and large amounts of customers’ data.

While it’s not uncommon for sole developers of open source projects to be targeted by hackers — in some cases as part of long-running efforts to gain the trust of the developer — it is rare for large tech giants like Microsoft, which have the resources to defend against these kinds of attacks, to get breached.

This is Microsoft’s second known breach over the past few weeks that has allowed hackers to compromise its open source projects, per Ars Technica. In mid-May, security researchers said that Microsoft’s open source project Durable Task, a tool that helps developers build apps, was hacked. OpenSourceMalware said that Microsoft’s latest incident is a “re-compromise” of the Durable Task project, suggesting either that Microsoft may not have eradicated the hackers on its first attempt, or that this is an entirely new, distinct breach.

Updated with comment from Microsoft.
