For the 2nd time in weeks, Microsoft packages laced with credential stealer
2026-06-08 · Ars Technica
Turns out letting AI agents automatically open and run packages is going exactly as well as you'd expect. 73 malicious Microsoft packages were rigged to unleash a self-replicating credential stealer the moment an AI agent touches them — and this is the second time in weeks. Your AI coding assistant isn't just writing bugs anymore, it's speedrunning supply chain attacks on your behalf.