105 seconds — that is how quickly GitHub and Microsoft moved to contain a June 5 incident that briefly disabled Microsoft-owned repositories on GitHub and interrupted developer workflows, according to reporting and company statements.
June 5 takedown: 73 repositories removed, continuous integration pipelines hit
On June 5, Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub. The takedown disrupted continuous integration pipelines because many workflows referenced content hosted in those repositories. The incident was contained within 105 seconds, and GitHub displayed a message saying the action was taken by GitHub Staff "due to a violation of GitHub's terms of service."
Azure/functions-action outage — the immediate operational impact
The most visible and immediate effect was the loss of access to Azure/functions-action, a GitHub Action used by many developers to deploy Azure Functions. Workflows that referenced that action stopped working because the action could no longer be resolved from the disabled repository, producing an outage and confusion for developers who relied on it to deploy code.
Links to Miasma/Shai‑Hulud campaigns and prior compromises
Multiple researchers tied the repository removals to a compromise associated with the Miasma/Shai‑Hulud supply‑chain campaign. Security engineer Adnan Khan characterized the June 5 incident as appearing "to be part of the Miasma malware campaign that infected 32 of Red Hat's npm packages." Software supply chain management company Cloudsmith reported that Microsoft's Azure environment on GitHub and the 'durabletask' repository were compromised via Miasma, a campaign that targeted AI coding tools such as Claude Code, Gemini CLI, VS Code, and Cursor.
OpenSourceMalware noted that the durabletask repository in Microsoft's Azure organization had been compromised in May, and that three malicious versions (1.4.1, 1.4.2, 1.4.3) of the durabletask package were pushed to the Python Package Index (PyPI) in that earlier incident. OpenSourceMalware suggested an incomplete cleanup may have allowed the threat actor to return with a new compromise, although that return has not been independently confirmed in the materials cited.
Cloudsmith's reporting also described how the worm first affected the @redhat-cloud-services npm namespace by compromising a Red Hat employee’s GitHub account; by "pushing unreviewed orphan commits to internal repos, the threat actors injected a minimal workflow that requested GitHub’s OIDC tokens," the researchers said. Security vendors continue to spot related activity: Socket reported a new Shai‑Hulud attack over a weekend that used a new delivery mechanism, and StepSecurity published a report on a Shai‑Hulud attack impacting the Pythagora‑io/gpt‑pilot open‑source AI developer tool.
Microsoft's response, restoration, and customer notifications
A Microsoft representative responded to community questions by saying the repositories were disabled because of "an internal management issue" and that an investigation was underway. In a statement to BleepingComputer, a Microsoft spokesperson said the company "temporarily removed some repositories as we investigated potential malicious content." The spokesperson added that Microsoft "notified a small number of customers who may have pulled down content from the affected repositories" and that "we will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels."
At the time of writing, all repositories have been restored and are considered clean and safe to use.
What this means for developers, security teams, and enterprises
- Developers and open‑source maintainers: The outage illustrates the operational exposure of CI/CD pipelines that reference repository‑hosted actions or packages. The reporting recommends concrete mitigation steps: lock project dependencies, add multi‑day time delays before fetching new package updates, and test new builds in isolated environments.
- Security teams and product owners: The incident reinforces that supply‑chain attacks can be transient and fast-moving — the initial containment occurred in 105 seconds — yet prior compromises (the May durabletask PyPI incident) can have residual effects. Tools and processes that detect abuse of tokens or orphan commits — including monitoring for unreviewed workflows that request GitHub OIDC tokens — will be relevant.
- Affected enterprises and customers: Microsoft has indicated it has "notified a small number of customers" who may have pulled affected content and will reach out if further action is required. Organizations that rely on Azure/functions-action or the durabletask package should confirm they pulled content only from restored, verified repositories and follow any direct guidance from Microsoft support channels.
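Two of the checks named above, written out as an added example (not code from Microsoft, GitHub or the cited researchers): a Python scan of workflow text that reports `uses:` references not pinned to a full commit SHA and any grant of `id-token: write`. Reading "lock project dependencies" as SHA pinning of actions is this example's assumption; the sample workflow, its commit SHA and the helper name `audit_workflow` are constructed for illustration.

```python
import re

# "uses: owner/repo[/path]@ref" steps; local (./) and docker:// references do not match.
USES_RE = re.compile(
    r"^[ \t]*(?:-[ \t]*)?uses:[ \t]*['\"]?([\w.-]+/[\w./-]+)@([^\s'\"#]+)", re.M)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# A workflow or job can request GitHub OIDC tokens when it holds id-token: write,
# either explicitly or through the write-all shorthand.
OIDC_RE = re.compile(
    r"^[ \t]*id-token:[ \t]*['\"]?write\b|^[ \t]*permissions:[ \t]*['\"]?write-all\b",
    re.M)

# Constructed sample workflow; the 40-hex commit SHA is a placeholder, not a real commit.
SAMPLE = """\
name: deploy
on: push
permissions:
  id-token: write
  contents: read
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - name: Deploy function app
        uses: Azure/functions-action@v1
"""


def audit_workflow(path, text):
    """Return (path, line_no, finding) tuples for one workflow file, in line order."""
    findings = []
    for m in USES_RE.finditer(text):
        action, ref = m.group(1), m.group(2)
        if not FULL_SHA_RE.match(ref):  # tags and branches can be moved upstream
            line_no = text.count("\n", 0, m.start(1)) + 1
            findings.append((path, line_no, f"mutable ref: {action}@{ref}"))
    for m in OIDC_RE.finditer(text):
        line_no = text.count("\n", 0, m.end()) + 1
        findings.append((path, line_no, "requests OIDC token: needs review"))
    return sorted(findings, key=lambda f: f[1])


if __name__ == "__main__":
    for finding in audit_workflow(".github/workflows/deploy.yml", SAMPLE):
        print("%s:%d: %s" % finding)
```

A SHA pin fixes which content a workflow runs; it does not keep the workflow running while the upstream repository is disabled, as happened with Azure/functions-action.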
The technical record in public reporting shows a rapid takedown and restoration, but also threads connecting the event to broader Miasma/Shai‑Hulud supply‑chain activity, prior PyPI compromises, and ongoing vendor investigations. Microsoft says the repositories are clean and that it will contact customers if further remediation is needed; researchers and vendors continue to publish related findings about the campaign and delivery mechanisms. For teams that depend on repository‑hosted actions and packages, the episode is a concrete reminder to harden dependency handling and to treat code‑supply channels as operational risk.
Source: BleepingComputer — GitHub disables Microsoft repos pushing password‑stealing malware




