Miasma worm exploits AI tools to compromise 73 Microsoft GitHub repos

A sophisticated supply chain attack, dubbed Miasma, has compromised 73 Microsoft repositories on GitHub, including critical ones for Azure and MicrosoftDocs. This self-replicating worm, a variant of Mini Shai-Hulud, exploits trust in development ecosystems rather than technical vulnerabilities, making malicious updates indistinguishable from legitimate ones. A particularly concerning aspect is its detonation vector, which leverages AI development tools to automatically execute malicious payloads when a developer clones and opens an infected repository.

IMPACT: Introduces a novel attack vector where AI development tools become unwitting conduits for malware execution, posing a new risk to software supply chains.

RANK_REASON: This is a significant supply chain attack impacting a major tech company's code repositories and introducing a new attack vector via AI tools.

AI-generated summary · Google Gemini · from 1 source.

COVERAGE [1]

  1. Mastodon — fosstodon.org · TIER_1 · English (EN) · [email protected]

    Miasma Worm: the supply chain attack that hit 73 Microsoft repositories on GitHub. A self-replicating worm called Miasma has compromised 73 Microsoft repositories on GitHub, including Azure Functions and the entire Durable Task ecosystem. The attack exploits the trust model of …