Key facts
- The Miasma worm has infected 73 Microsoft GitHub repositories.
- Affected repositories belong to Azure, Azure-Samples, Microsoft, and MicrosoftDocs.
- Malicious code was planted to harvest developer credentials.
- GitHub disabled the compromised repositories.

The self-replicating Miasma worm has infiltrated 73 Microsoft GitHub repositories across four of Microsoft's organizations: Azure, Azure-Samples, Microsoft, and MicrosoftDocs. GitHub disabled these repositories after discovering that the worm had planted malicious code aimed at harvesting developer credentials. The incident marks a significant escalation in the ongoing campaign of supply chain attacks targeting the open-source ecosystem.