For the 2nd time in weeks, Microsoft packages laced with credential stealer
Seventy-three Microsoft packages reportedly ran a self-replicating credential stealer when opened by an AI agent.
Ars Technica reports a second Microsoft-package security incident in weeks, involving 73 packages laced with a credential stealer. The supplied summary says the malware runs as soon as the packages are opened by an AI agent and can self-replicate. The case highlights a growing software supply-chain risk: AI agents that inspect or operate on code may become execution triggers for malicious packages.
This Ars Technica security report notes that a malicious package incident involving Microsoft-related packages has occurred again within just a few weeks. According to the summary provided in the original article, 73 packages were found to contain a credential stealer — malware designed to steal accounts, tokens, keys, or other sensitive authentication data. More concerning is that the trigger condition for these packages is tied to AI agents: simply having a package opened by an AI agent will execute a self-replicating stealer. This means the risk is no longer confined to traditional manual installation, execution, or development workflows — it now extends to scenarios where automated agents assist with reading code, running tests, organizing dependencies, or operating on projects.
Summaries are AI-generated; the original article is authoritative.