Miasma Worm Compromises 73 Microsoft GitHub Repositories

https://securityaffairs.com/193367/malware/miasma-worm-compromises-73-microsoft-github-repositories.html

Publish Date: 2026-06-09 11:57:16

Source Domain: securityaffairs.com

The self-replicating Miasma worm compromised 73 Microsoft GitHub repositories, including core components of Azure infrastructure, by leveraging the trusted credentials of compromised developers. Attackers initiated their breach by compromising a Red Hat employee’s GitHub account and pushing malicious commits that targeted specific repositories directly. Miasma weaponized AI coding tools to ensure silent execution, adapted its payload to evade detection, and harvested cloud credentials, presenting a severe threat to the affected repositories. Microsoft’s remediation efforts were insufficient: this was the second breach by the same group in a month, suggesting that the credentials compromised in the previous incident were never fully remediated. Cloud credentials and GitHub tokens have been compromised, requiring immediate rotation and enhanced scrutiny of software delivery mechanisms to prevent similar incidents.

Key Points:
– Miasma worm compromised 73 Microsoft GitHub repositories.
– Attackers utilized stolen credentials to introduce malicious commits.
– Advanced payload adapts and uses encryption to evade detection, and steals cloud credentials.
– Breach indicates potential incomplete resolution of previous compromises.
– Immediate rotation of credentials and enhanced monitoring are recommended to mitigate risks.