{"id":265567,"date":"2026-06-06T02:58:00","date_gmt":"2026-06-06T06:58:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/06\/miasma-worm-hits-73-microsoft-github-repositories-in-major-supply-chain-attack\/"},"modified":"2026-06-06T04:25:40","modified_gmt":"2026-06-06T08:25:40","slug":"miasma-worm-hits-73-microsoft-github-repositories-in-major-supply-chain-attack","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/06\/miasma-worm-hits-73-microsoft-github-repositories-in-major-supply-chain-attack\/","title":{"rendered":"Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/miasma-worm-hits-73-microsoft-github.html\">Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/miasma-worm-hits-73-microsoft-github.html\">https:\/\/thehackernews.com\/2026\/06\/miasma-worm-hits-73-microsoft-github.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-06 02:58:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p><span class=\"p-author\">\ue804<span class=\"author\">Ravie Lakshmanan<\/span>\ue802<span class=\"author\">Jun 06, 2026<\/span><\/span><span class=\"p-tags\">Supply Chain Attack \/ Malware<\/span><\/p>\n<p>Microsoft&#8217;s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign.<\/p>\n<p>The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories.<\/p>\n<p>&#8220;Access to this repository has been disabled by GitHub Staff due to a violation of GitHub&#8217;s terms of service,&#8221; reads the message when attempting to access the &#8220;Azure\/azure-functions-host&#8221; repository. &#8220;If you are the owner of the repository, you may reach out to GitHub Support for more information.&#8221;<\/p>\n<p>According to OpenSourceMalware, some of the repositories impacted by the incident are listed below &#8211;<\/p>\n<ul>\n<li>azure-search-openai-demo-purviewdatasecurity<\/li>\n<li>Connectors-NET-LSP<\/li>\n<li>Connectors-NET-SDK<\/li>\n<li>durabletask<\/li>\n<li>durabletask-dotnet<\/li>\n<li>durabletask-go<\/li>\n<li>durabletask-js<\/li>\n<li>durabletask-mssql<\/li>\n<li>functions-container-action<\/li>\n<li>homebrew-functions<\/li>\n<li>llm-fine-tuning<\/li>\n<li>windows-driver-docs<\/li>\n<\/ul>\n<p>What&#8217;s notable about the latest campaign is the re-compromise of the &#8220;durabletask&#8221; PyPI package, which was infected by TeamPCP last month to deliver an information stealer on Linux systems.<\/p>\n<p>&#8220;A month later, not only is Azure\/durabletask gone &#8211; so is every sibling repo in the Durable Task ecosystem, sitting one org over in Microsoft: the .NET, Go, Java, JS, MSSQL, Netherite, and protobuf implementations, plus the Durable Functions monitor,&#8221; security researcher Paul McCarty (aka 6mile) said.<\/p>\n<p>&#8220;When the repo at the root of last month&#8217;s compromise is the hub of this month&#8217;s takedown, that is not a coincidence &#8211; that is the same wound reopening. Whoever held those credentials in May plausibly never fully lost them.&#8221;<\/p>\n<p><img decoding=\"async\" alt=\"\" border=\"0\" data-original-height=\"916\" data-original-width=\"1502\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhemNR9h_g1pzbtSuNnKWfQIxypfGLWb52x73fTBT1EhzNvDMk7ko7Gt6UPk2IkMPHd1N3TLkYDJmCi1gxMLbale7wTeVdxUfX67kY5D3rGDsiW12pRHdEAMhylTCo-GOikjN6IEJQkgTQ_xH0zDi9LShfBUXh14P9JS7ROjez0Z8vsXJZzHlGS8S6S7WjN\/s1600\/githubs.jpg\"\/><\/p>\n<p>Miasma is assessed to be a variant of the Mini Shai-Hulud worm that TeamPCP publicly released in mid-May 2026. It has since continued to mutate and&#8230;<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/06\/miasma-worm-hits-73-microsoft-github.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack https:\/\/thehackernews.com\/2026\/06\/miasma-worm-hits-73-microsoft-github.html Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":265568,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgG8k6LtHNQ3cHl_X1AZbXRn6LZCNZ6lMLjy-9HG7-_OQekMOhCQKkktrnMqVteXfmGHBMMlbTv3v9Rl6kKjXlNQBSHUVybmD_IBVvMDT7IsMGV49OMSfF5V8bMFVW4ZwFjlg_gddyYtiiQqmdpYIJjuKLTZz_rxooZZQQye7omBEOjyxMFFjAaiZuc6Non\/s1600\/azure-npm.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[18,32,57],"class_list":["post-265567","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-large-language-model","tag-malware","tag-security"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/265567"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=265567"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/265567\/revisions"}],"predecessor-version":[{"id":265569,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/265567\/revisions\/265569"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/265568"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=265567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=265567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=265567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}