Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

Title: Authentication fails with TF400813 error for personal Azure DevOps accounts using PAT #892

What I've tried: Created multiple new PAT tokens with full access Verified PAT works perfectly via direct Azure DevOps REST API calls Tried both @azure-devops/mcp and @azure-devops/mcp@next versions ...