- Microsoft confirmed on June 8 that 73 of its recently published software packages carry a self‑replicating credential stealer.
- The packages, meant for use by AI agents, run the stealer automatically when opened. Security researchers observed the payload copy itself across the agent’s file system and harvest stored credentials. Microsoft’s response note said the affected builds were published between May 20 and June 5, and that the company is withdrawing them and issuing patches.
- The incident highlights a growing supply‑chain risk for AI‑driven workflows: an agent runs with whatever keys and passwords its automation needs, so a compromised package inherits them and can harvest them silently. Enterprises that rely on AI agents for automation now face a direct vector for credential theft, not just data leakage, and any credential reachable from a host that ran an affected build should be treated as exposed and rotated.
- While Microsoft’s quick pull‑back limits further exposure, withdrawing the packages stops new installs but does nothing for hosts that already ran one. The episode is a reminder that even large vendors can ship malicious code in routine distributions.
