GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pipelines.
The incident occurred on June 5, and it was contained within just 105 seconds. The company told BleepingComputer that the repositories were removed due to concerns that they distributed "potential malicious content."
Multiple researchers confirmed that the repos were pulled after a compromise during a Miasma/Shai-Hulud supply-chain campaign.
The OpenSourceMalware platform notes that 'durabletask', a repository in Microsoft's Azure organization on GitHub, was compromised in May, suggesting that an incomplete cleanup allowed the threat actor to return with a new compromise. However, this has not been confirmed.
Immediately after the repositories were removed, a message was displayed explaining that the action had been taken by GitHub staff "due to a violation of GitHub's terms of service."
A Microsoft representative responded to user concerns in a community discussion, stating that the repositories were disabled because of “an internal management issue” and that an investigation was underway.
The most significant immediate effect of this incident was disabling access to ‘Azure/functions-action,’ a GitHub Action used by many developers to deploy Azure Functions.
Workflows referencing it failed because the action could no longer be resolved from the disabled repository, causing an outage and confusion.
At the time of writing, though, all repositories have been restored and are considered clean and safe to use.
However, the OpenSourceMalware platform notes that the 'durabletask' package on the Python Package Index (PyPI) had been compromised in May, when the threat actor pushed three malicious versions (1.4.1, 1.4.2, and 1.4.3).
In a statement for BleepingComputer, a Microsoft spokesperson explained that the company "temporarily removed some repositories as we investigated potential malicious content."
While all repositories have been restored, Microsoft "notified a small number of customers who may have pulled down content from the affected repositories."
"We will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels," a Microsoft spokesperson told us.
Security engineer Adnan Khan said that the June 5th incident affecting Microsoft repositories appeared to be part of the Miasma malware campaign that infected 32 of Red Hat's npm packages.
In a report this week, software supply chain management company Cloudsmith concluded that Microsoft's Azure environment on GitHub and the 'durabletask' repository were compromised via Miasma, which targeted AI coding tools (e.g., Claude Code, Gemini CLI, VS Code, Cursor).
The attackers pivoted from Red Hat's npm packages to Microsoft's resources on GitHub.
"The worm initially struck the @redhat-cloud-services npm namespace by compromising a Red Hat employee’s GitHub account. By pushing unreviewed orphan commits to internal repos, the threat actors injected a minimal workflow that requested GitHub’s OIDC tokens," the researchers said.
Supply-chain attacks continue to target open-source ecosystems. Yesterday, application security company Socket reported that it spotted a new Shai-Hulud attack over the weekend that relied on a new delivery mechanism.
StepSecurity published a separate report focusing on a Shai-Hulud attack impacting Pythagora-io/gpt-pilot, a popular open-source AI developer tool with more than 33,700 GitHub stars and over 3,500 forks.
Software developers should consider locking (pinning) their project dependencies, adding a multi-day delay before pulling newly published package versions, and testing new builds in isolated environments.
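As an added example (not code from BleepingComputer, Microsoft, or any of the researchers cited above), the script below turns two of the points in this article into checks a project could run in CI. The first is a line-based scan of a GitHub Actions workflow that flags actions referenced by a mutable tag such as `@v4` rather than a 40-character commit SHA, any `id-token: write` grant, and run steps that touch the runner's `ACTIONS_ID_TOKEN_REQUEST_URL`/`ACTIONS_ID_TOKEN_REQUEST_TOKEN` variables, the mechanism behind the injected workflow that "requested GitHub's OIDC tokens" in the Red Hat quote. It generalizes the "lock your dependencies" advice to the actions a workflow consumes. The second implements the multi-day delay: given a package's release history, it picks the newest version that has been public for at least N days, which would have skipped three versions pushed within a few hours of each other. The workflow text, the release dates, and the package version numbers in the sample data are constructed for the example and are not real repository or PyPI data; the scanner is a simplified line matcher, not a full YAML parser.

```python
"""Added example: CI-side checks derived from the incident described above.
Not the code of any project or vendor named in the article."""
import re
from datetime import datetime, timedelta, timezone

# A 40-hex commit SHA is the only immutable way to reference an action.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Matches `uses: owner/repo@ref` (local `./` and `docker://` references have no '@').
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([\w.\-/]+)@(\S+)")
ID_TOKEN_RE = re.compile(r"^\s*id-token:\s*write\b")
OIDC_ENV_RE = re.compile(r"ACTIONS_ID_TOKEN_REQUEST_(URL|TOKEN)")


def audit_workflow(text):
    """Scan a workflow file line by line.

    Returns a list of (line_no, kind, detail) findings, ordered by line:
      unpinned-action    - action referenced by a tag/branch, not a commit SHA
      oidc-permission    - `id-token: write` granted to the workflow or a job
      oidc-token-request - a step reads the runner's OIDC token request variables
    """
    findings = []
    for no, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if m:
            action, ref = m.group(1), m.group(2)
            if not SHA_RE.match(ref):
                findings.append((no, "unpinned-action", f"{action}@{ref}"))
        if ID_TOKEN_RE.match(line):
            findings.append((no, "oidc-permission", line.strip()))
        if OIDC_ENV_RE.search(line):
            findings.append((no, "oidc-token-request", line.strip()))
    return findings


def _version_key(version):
    # Assumes plain dotted numeric versions such as 1.4.3 (no PEP 440 pre-release tags).
    return tuple(int(p) for p in version.split("."))


def select_cooled_version(releases, now, min_age_days):
    """Return the highest version uploaded at least min_age_days before `now`.

    `releases` maps version -> ISO-8601 upload time with a UTC offset (the shape
    of PyPI's JSON API upload_time_iso_8601 field). Returns None if nothing is
    old enough yet; the caller should then keep the currently pinned version.
    """
    cutoff = now - timedelta(days=min_age_days)
    eligible = [v for v, ts in releases.items()
                if datetime.fromisoformat(ts) <= cutoff]
    if not eligible:
        return None
    return max(eligible, key=_version_key)


# Constructed workflow (not a real repository's file): one tag-pinned checkout,
# one SHA-pinned checkout (example SHA value), a local action, an OIDC token
# request, and a deployment action referenced by a mutable tag.
SAMPLE_WORKFLOW = """\
name: deploy
on: [push]
permissions:
  id-token: write
  contents: read
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      - uses: ./.github/actions/local
      - run: curl -s "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=api://AzureADTokenExchange" -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN"
      - uses: Azure/functions-action@v1
"""

# Constructed release history (not real PyPI data): one established release,
# then three versions pushed within a few hours, as a hijacked account would.
SAMPLE_RELEASES = {
    "1.4.0": "2025-04-20T10:00:00+00:00",
    "1.4.1": "2025-05-15T09:00:00+00:00",
    "1.4.2": "2025-05-15T11:30:00+00:00",
    "1.4.3": "2025-05-15T13:05:00+00:00",
}
EXAMPLE_NOW = datetime(2025, 5, 16, tzinfo=timezone.utc)  # constructed "today"

if __name__ == "__main__":
    for no, kind, detail in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {no:>3} {kind:<20} {detail}")
    print("7-day cooldown selects:", select_cooled_version(SAMPLE_RELEASES, EXAMPLE_NOW, 7))
    print("no cooldown selects:  ", select_cooled_version(SAMPLE_RELEASES, EXAMPLE_NOW, 0))
```

Run against the sample, the scanner reports the `id-token: write` grant, the two tag-referenced actions (`actions/checkout@v4` and `Azure/functions-action@v1`), and the curl step that requests an OIDC token, while the SHA-pinned checkout and the local action pass. A 7-day cooldown selects 1.4.0 and ignores the three freshly pushed versions; with no cooldown the resolver would take 1.4.3. Note that pinning to a SHA protects against a tampered tag but not against a repository being disabled outright, as happened here: a SHA reference to a disabled repository still fails to resolve, so a cached or vendored copy of critical actions is the complement to pinning.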