Bottom line: Microsoft restored some GitHub repos after 73 open-source projects were compromised with information-stealer malware, while keeping others offline as the security investigation continues.
Microsoft has partially restored repositories on GitHub following a security incident in which 73 of the company’s open-source projects were compromised with information-stealer malware. The measure is part of an ongoing investigation to protect the customer base and the open-source ecosystem.
Microsoft confirmed on Monday the temporary suspension of several GitHub repositories following a security incident in which 73 of its open-source projects were manipulated to inject an information-stealer into the code. A Microsoft spokesperson told The Hacker News that protecting customers and safeguarding the broader ecosystem were top priorities.
The exact number of repositories that have now been restored was not specified in the statement. Some repositories remain offline as investigations continue under the codename “Miasma”. This differentiated restoration strategy suggests that Microsoft is distinguishing between repositories that have completed security reviews and those with outstanding questions.
For security leaders, it is critical to verify whether open-source projects from Microsoft that their organizations depend on were affected by the incident and, if so, to review dependency versions. The fact that information-stealers were able to be embedded in 73 projects underscores the risk of supply-chain attacks through manipulation of ostensibly trusted sources.
Source: thehackernews.com · Published June 9, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.5.