GitHub shuts down 73 Microsoft repositories after Azure hack
GitHub disabled 73 Microsoft repositories after a malicious commit tried to turn AI coding tools into credential harvesters. The breach hit Azure-linked code and underscored how supply-chain attacks can spread upstream.

GitHub shut down 73 Microsoft repositories after a malicious commit in Azure/durabletask was pushed through a previously compromised contributor account, raising fresh alarms about the security of developer supply chains. The affected code sat inside four Microsoft GitHub organizations (Azure, Azure-Samples, Microsoft, and MicrosoftDocs), and many of the repositories were tied to Azure services and sample code used by engineers building with AI tools.
The attack planted configuration files designed to trigger credential-harvesting behavior when a developer opened the repository in Claude Code, Gemini CLI, Cursor, or VS Code. That made the incident more than a routine code tampering event: it targeted the development environment itself, where access tokens, keys, and internal workflows can be exposed before any product ever reaches customers.
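A defender-side check for the kind of planted tool configuration described above, as an added example that is not from the article, GitHub, or Microsoft: it scans a checkout, before it is opened in an editor or agent, for workspace-level config files that can run commands. The article does not name the planted files, so the `WATCHED` paths and the `walk` and `audit_repo` helpers are assumptions for illustration.

```python
import json
import tempfile
from pathlib import Path

# Assumed workspace-level config locations for the tools named in the article.
# The article does not say which files were planted; adjust to your own tooling.
WATCHED = [".vscode/tasks.json", ".vscode/settings.json", ".claude/settings.json",
           ".gemini/settings.json", ".cursor/mcp.json"]

def walk(node, path=""):
    """Yield (json_path, value) for every leaf of a parsed JSON document."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from walk(value, f"{path}/{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from walk(value, f"{path}/{index}")
    else:
        yield path, node

def audit_repo(root):
    """Return (file, json_path, reason) for config entries that can run commands."""
    findings = []
    for rel in WATCHED:
        cfg = Path(root) / rel
        if not cfg.is_file():
            continue
        try:
            doc = json.loads(cfg.read_text(encoding="utf-8"))
        except (ValueError, UnicodeDecodeError):
            # Editors accept comments in these files; strict JSON does not.
            findings.append((rel, "", "unparseable: review by hand"))
            continue
        for jpath, value in walk(doc):
            key = jpath.rsplit("/", 1)[-1]
            if key == "runOn" and value == "folderOpen":
                findings.append((rel, jpath, "task runs when the folder is opened"))
            elif key == "command" and isinstance(value, str):
                findings.append((rel, jpath, f"command: {value}"))
    return findings

if __name__ == "__main__":
    # Constructed sample repository, built in a temporary directory.
    with tempfile.TemporaryDirectory() as repo:
        Path(repo, ".vscode").mkdir()
        task = {"label": "build", "type": "shell", "command": "echo constructed",
                "runOptions": {"runOn": "folderOpen"}}
        Path(repo, ".vscode/tasks.json").write_text(json.dumps({"tasks": [task]}))
        for finding in audit_repo(repo):
            print(finding)
```

Run it against a fresh clone from a plain terminal, and treat any finding in a repository you did not author as something to read before trusting the workspace.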

One security analysis said GitHub’s automated containment sweep disabled the repositories in 105 seconds. GitHub said it detected a cyberattack and immediately activated its response process, including rotating keys such as the GitHub Enterprise Server signing key. The company told Enterprise Server customers to rotate GPG public keys, while saying no action was required for GitHub Enterprise Cloud.
The episode landed in the middle of a sharp rise in agentic development workflows. GitHub said in April 2026 that those workflows had accelerated rapidly since the second half of December 2025, a shift that has pushed more code creation, pull requests, API calls, automation, and large-repository activity through the platform. That growth has also widened the attack surface, because a single poisoned repository can now interact with tools that developers trust to read, edit, and execute code at high speed.
The scale of the Microsoft incident also matters because it reached far beyond one project. The targeted repositories included widely used samples and cloud tooling, which means the risk extended downstream to developers copying code, integrating examples, or opening Microsoft-maintained projects inside AI assistants. In practical terms, a compromise upstream can become a credential leak downstream.
The breach came only weeks after GitHub disclosed on May 20, 2026, that attackers had stolen data from around 3,800 internal repositories in a separate incident. Together, the two cases showed sustained pressure on Microsoft-owned developer infrastructure at a moment when AI-assisted coding is becoming central to software production.
This article was produced by Prism’s automated news system from verified source data, official records, and press releases, then run through automated quality and moderation checks before publishing. The system is built and supervised by the people who set the standards it runs under. Read our full AI policy.

