Microsoft has shut down a wave of its own repositories on GitHub, including those related to Azure and AI coding agents, as it investigates a data breach, according to research from cybersecurity researchers and a statement given to 404 Media by Microsoft. Hackers planted malware that would harvest peoples’ credentials when they opened it in AI coding tools like Claude Code or Gemini CLI, according to one set of researchers.
The exact contours of the breach are unclear, but researchers say Microsoft has disabled more than 70 of its own repositories, and pointed to a particular package that was previously compromised.
“We have temporarily removed some repositories as we investigate potential malicious content,” Microsoft told 404 Media in an emailed statement on Monday.
At the time of writing, various GitHub repositories reads:
“This repository has been disabled. Access to this repository has been disabled by GitHub Staff due to a violation of GitHub's terms of service. If you are the owner of the repository, you may reach out to GitHub Support for more information.”
