https://www.404media.co/microsoft-hacked-to-deliver-malware-to-claude-and-gemini-users/Microsoft has shut down a wave of its own repositories on GitHub, including those related to Azure and AI coding agents, as it investigates a data breach, according to research from cybersecurity researchers and a statement given to 404 Media by Microsoft. Hackers planted malware that would harvest peoples' credentials when they opened it in AI coding tools like Claude Code or Gemini CLI, according to one set of researchers. The exact contours of the breach are unclear, but researchers say Microsoft has disabled more than 70 of its own repositories, and pointed to a particular package that was previously compromised.Last week, cybersecurity website OpenSourceMalware.com, which acts as a clearing house for indicators of supply chain attacks so defenders can secure their own networks, and which also publishes its own write-ups, wrote about the mass disabling of Microsoft GitHub repositories. "GitHub disabled 73 Microsoft repositories across four of its GitHub organizations -- the entire Azure Functions org, the whole Durable Task family, and a row of AI sample apps -- in a 105-second sweep on June 5," the website wrote on Friday. Is it very unusual for any company, let alone Microsoft, to disable so many of its own repositories in one go. They include 49 related to Azure, Microsoft's cloud computing arm, and some concerning AI agents. The shutdown repositories also include ones related to durabletask, a Microsoft development tool.Researchers from StepSecurity wrote on Friday that the GitHub closures came after a malicious commit was pushed to the durabletask repository. That attack planted configuration files that would harvest peoples' credentials when they opened the repository in Claude Code, Gemini CLI, Cursor, or VS Code, StepSecurity wrote.
Based.
>>536725603real servers use linux.
>>536725603but linux something they used to hide from people so they operate some silk road stuff that not ok
>>536726918https://www.wiz.io/blog/miasma-supply-chain-attack-targeting-redhat-npm-packagesOn 1 June 2026, Wiz Research identified a supply chain compromise affecting multiple packages published under the @redhat-cloud-services npm namespace. Investigation revealed that at least 32 package releases contained unauthorized modifications that do not match the corresponding source repositories. These packages cumulatively average ~80,000 weekly downloads.Evidence indicates that a specific Red Hat employee GitHub account was compromised and used to inject the malware into these packages. The compromised account pushed malicious orphan commits to two RedHatInsights repositories, bypassing code review. This happened across two waves of activity.
