Hackers stole AI developers' passwords via Microsoft open‑source tools

Hackers breached Microsoft’s open‑source AI tooling and harvested passwords from developers who use the software, TechCrunch reported [TechCrunch]. The attackers compromised the public repositories for the Azure Machine Learning SDK and the ONNX Runtime, inserting malicious code that captured credentials the moment a developer ran the package. Microsoft’s security team identified more than 1,200 exposed accounts and forced a coordinated password reset on June 7.

The breach was discovered on June 5, when anomalous login activity appeared on several Azure subscriptions. Microsoft responded by revoking the compromised tokens, requiring multi‑factor authentication for all affected users, and publishing a detailed advisory that outlined the malicious commit and the steps developers should take to verify their installations [TechCrunch].

Open‑source tools are attractive targets because they sit at the intersection of widely distributed code and privileged access to cloud resources. By compromising the SDKs, attackers gained a foothold that could be leveraged to move laterally within corporate environments, potentially exfiltrating data or deploying additional payloads. The incident underscores that the AI development ecosystem—valued for its rapid innovation—also presents a high‑value attack surface.

Developers must treat open‑source dependencies as critical security components. Best practices include verifying package signatures, pinning exact versions, and enabling MFA on all cloud accounts. Microsoft’s rapid response demonstrates that coordinated remediation can limit damage, but the episode serves as a reminder that community‑maintained software can become a single point of failure if not rigorously audited.

For organizations building AI workloads, the breach is a call to audit supply‑chain security, enforce strict credential hygiene, and monitor for anomalous activity across all tooling layers.