> TritonInfoSec News
Home / Jun 09, 2026 / Story
0
#8 Ars Technica Security general June 08, 2026 at 18:34 UTC

For the 2nd time in weeks, Microsoft packages laced with credential stealer

By Dan Goodin

AI Summary

For the second time in weeks, malicious packages targeting the Microsoft ecosystem were found laced with a credential stealer — 73 packages that execute a self-replicating stealer automatically when opened by an AI coding agent. The attack exploits the growing use of AI-assisted development workflows where agents autonomously install and execute packages. This pattern of recurring supply chain attacks against Microsoft package repositories represents an escalating threat to developer environments.

Read full article → https://arstechnica.com/security/2026/06/for-the-2…

Relevance score: 80.0/100

# More from June 09

  1. 1
    Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups The Hacker News
  2. 2
    One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public The Hacker News
  3. 3
    Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order The Hacker News
  4. 4
    UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign The Hacker News
  5. 5
    New Shai-Hulud attack trojanizes 19 science-focused PyPI packages BleepingComputer
  6. 6
    VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances The Hacker News
  7. 7
    Critical UniFi OS bug lets hackers gain root without authentication BleepingComputer
  8. 9
    Over 20,000 Instagram accounts stolen in Meta AI support hack BleepingComputer
  9. 10
    SolarWinds Serv-U Vulnerability Exploited in the Wild SecurityWeek