For the 2nd time in weeks, Microsoft packages laced with credential stealer
73 packages run self-replicating stealer as soon as they're opened by an AI agent.
Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI coding agents.

In all, multiple researchers said, 73 packages were flagged as malicious when automated systems on GitHub blocked them on the platform. Rather than noting they are malicious—and that developers who used AI agents to work with them should assume their systems are compromised—the Microsoft-owned GitHub said it disabled the packages “due to a violation of GitHub's terms of service.” The text went on to encourage the package owner to contact GitHub.

Devs: Assume compromise and proceed accordingly

It wasn’t until Monday that Microsoft even raised the possibility the packages were infected. In an email, the company stated: “We have temporarily removed some repositories as we investigate potential malicious content.”
Source: Ars Technica