AIBearishArs Technica – AI · 3h ago7/10
🧠
For the 2nd time in weeks, Microsoft packages laced with credential stealer
Microsoft-packaged software repositories were compromised for the second time in weeks with 73 malicious packages containing credential-stealing malware that automatically executes when opened by AI agents. This represents a significant supply chain vulnerability affecting automated development workflows and highlights growing threats to AI-driven software development practices.
