Miasma worm hits 73 Microsoft GitHub repositories in supply-chain attack (2026)
A self-replicating supply-chain worm dubbed Miasma compromised 73 repositories across four Microsoft GitHub organisations, planting configuration files that harvested cloud and developer credentials when the projects were opened in AI coding agents such as Claude Code and Cursor.
- Victim
- Microsoft (GitHub repositories)