CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 09, 2026

Miasma Worm Hits Microsoft's AI Coding Ecosystem

Data Breach Today Archived Jun 09, 2026 ✓ Full text saved

Attackers Compromised More Than 70 Microsoft Repositories in Under 2 Minutes Attackers linked to the Miasma supply-chain campaign compromised a Microsoft contributor account and pushed malicious code into more than 70 repositories, using artificial intelligence-assisted coding tools as an infection path to steal credentials and developer secrets at scale.

Full text archived locally
✦ AI Summary · Claude Sonnet


    Cybercrime , Fraud Management & Cybercrime , Next-Generation Technologies & Secure Development Miasma Worm Hits Microsoft's AI Coding Ecosystem Attackers Compromised More Than 70 Microsoft Repositories in Under 2 Minutes Chris Riotta (@chrisriotta) • June 8, 2026     Share Post Share Credit Eligible Get Permission Image: Microsoft/Shutterstock/ISMG Security researchers said a fast-moving supply-chain attack linked to the "Miasma" worm hit Microsoft's developer ecosystem Friday, spreading through code repositories tied to Azure cloud tools. See Also: Experts Offer Insights from Theoretical to the Realities of AI-enabled Cybercrime Security researchers said the attack spread to more than 70 repositories Friday in under two minutes, forcing the temporary disabling of Azure Functions-related repositories and development workflows. The incident affected repositories across the Azure, Azure-Samples and Microsoft repositories, including projects tied to Azure Functions and Microsoft's Durable Task framework. Researchers at StepSecurity said attackers used a previously compromised contributor account to push malicious code into Microsoft's Azure ecosystem. The attack triggered an automated campaign designed to infect developers who interacted with affected repositories through artificial intelligence-assisted coding tools. GitHub disabled 73 repositories as part of its response, according to researchers tracking the incident. The repositories were restored after Microsoft and GitHub completed an initial investigation and removed the malicious code. The incident is the latest apparent expansion of the Miasma campaign, a supply-chain operation based on self-replicating malware posted online by the TeamPCP threat actor, the group responsible for the Mini Shai-Hulud toolkit rampaging over JavaScript and Python code repositories (see: Flurry of Supply-Chain Software Library Attacks). The attackers planted malicious configuration files designed to execute code when repositories were opened using AI coding tools such as Claude Code, Cursor, Gemini CLI and other AI-powered coding assistants, according to the researchers. The attack targeted the trust relationships and automation features increasingly embedded within modern software development workflows. Researchers said the malicious payload was designed to steal credentials, authentication tokens and developer secrets from infected systems. Previous versions of the Miasma campaign have targeted cloud credentials, Kubernetes configurations, password manager data and source code repositories. Researchers also suggested the latest incident appears linked to a previous compromise involving Microsoft's durabletask Python package. Previous reports indicated attackers inserted credential-stealing malware into the package after compromising a maintainer account. StepSecurity researchers said the incident may be linked to an earlier compromise of the durabletask Python Azure task scheduler - although the exact path used to access the affected repositories remains under investigation. Open-source malware researchers also said the attack spread rapidly through Microsoft's development ecosystem after attackers modified repository configuration files commonly inherited across projects. The approach allowed the malicious code to target dozens of repositories in a matter of seconds. Microsoft did not immediately comment on the incident. GitHub has not publicly disclosed additional details about the scope of the compromise or whether any downstream organizations were affected. Researchers urged organizations that cloned affected repositories or used impacted Azure Functions components to review development environments for signs of compromise, rotate potentially exposed credentials and verify the integrity of local repositories.
    💬 Team Notes
    Article Info
    Source
    Data Breach Today
    Category
    ◇ Industry News & Leadership
    Published
    Jun 09, 2026
    Archived
    Jun 09, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗