Storia in 7 fonti

Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

Raccontata datheregister.comdev.tosecurityweek.comthehackernews.comneowin.netdarkreading.combleepingcomputer.com

Confronto fonti

6 prospettive sulla stessa storia

AI · summaries

darkreading.comStai leggendo2 g fa

Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

originale

dev.to3 g fa

The Miasma Worm: How AI Coding Agents Became a Supply Chain Attack Surface

Microsoft just had 73 GitHub repositories — including the Azure Functions Action — disabled after a...

Leggi questa versione → originale

theregister.com3 g fa

GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections

Miasma worm shapeshifts, but cloud secret-scouting remains the goal

Leggi questa versione → originale

bleepingcomputer.com1 g fa

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub.

Leggi questa versione → originale

thehackernews.com2 g fa

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft confirms it temporarily removed GitHub repos after Miasma worm compromised 73 of its open-source projects to inject an information stealer.

Leggi questa versione → originale

securityweek.com2 g fa

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack variants.

Leggi questa versione → originale

Timeline cronologica

1. lunedì 8 giugno 2026·theregister.com
   

   GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections

   Miasma worm shapeshifts, but cloud secret-scouting remains the goal

2. martedì 9 giugno 2026·dev.to
   

   The Miasma Worm: How AI Coding Agents Became a Supply Chain Attack Surface

   Microsoft just had 73 GitHub repositories — including the Azure Functions Action — disabled after a...

3. martedì 9 giugno 2026·securityweek.com
   

   Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

   Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack variants.

4. martedì 9 giugno 2026·thehackernews.com
   

   Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

   Microsoft confirms it temporarily removed GitHub repos after Miasma worm compromised 73 of its open-source projects to inject an information stealer.

5. martedì 9 giugno 2026·theregister.com
   

   Miasma worms its way onto GitHub as attack kit goes open source

   As if there weren't enough package poisonings to worry about

6. martedì 9 giugno 2026·dev.to
   

   Microsoft's npm Packages Got Backdoored. Again. And AI Agents Pulled the Trigger.

   73 cryptographically signed npm packages from Microsoft were compromised last week with advanced...

7. martedì 9 giugno 2026·neowin.net
   

   Microsoft had to shut down 70+ GitHub repos after getting hacked, brings back some

   Microsoft had to disable more than 70 GitHub repos this week after a nasty password-stealing malware infected them.

8. martedì 9 giugno 2026·darkreading.com
   

   Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories

   The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

9. martedì 9 giugno 2026·dev.to
   

   If the Shai-Hulud worm reached your GitHub repos, please read this

   The Miasma / Shai-Hulud worm is still live in many GitHub repositories. How to tell if you were hit, clean up safely, and what to do if you are locked out.

10. mercoledì 10 giugno 2026·bleepingcomputer.com
    

    The ‘Miasma’ worm source code briefly leaked on GitHub

    The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub.