Miasma Worm Compromises 73 Microsoft GitHub Repositories in Unprecedented Supply Chain Attack
In a significant escalation of cyber threats, the self-replicating Miasma worm has infiltrated 73 Microsoft GitHub repositories, including those under the Azure, Azure-Samples, Microsoft, and MicrosoftDocs organizations. This sophisticated supply chain attack has led to the disabling of access to the affected repositories, raising serious concerns about the integrity of software delivery within open-source ecosystems.
Background and Initial Discovery
The Miasma worm first emerged on June 1, 2026, targeting the `@redhat-cloud-services` namespace on the npm package registry. Security researchers identified that at least 32 package releases were compromised, embedding a credential-stealing worm derived from the Mini Shai-Hulud malware. The malicious code was introduced via a compromised Red Hat employee’s GitHub account, allowing the worm to execute preinstall scripts during package installation, thereby harvesting developer credentials, CI/CD secrets, and cloud provider identities. The worm also attempted to propagate by republishing itself to other npm packages accessible to the compromised developer. ([rescana.com](https://www.rescana.com/post/miasma-supply-chain-attack-compromises-red-hat-redhat-cloud-services-npm-packages-with-credential-stealing-worm-cybersec?utm_source=openai))
Escalation to Microsoft Repositories
On June 5, 2026, the Miasma worm campaign reached Microsoft’s Azure GitHub organizations. A malicious commit was pushed to the Azure/durabletask repository using a previously compromised contributor account. This attack planted configuration files designed to execute a credential-harvesting payload when a developer opened the repository in tools such as Claude Code, Gemini CLI, Cursor, or Visual Studio Code. In response, GitHub disabled 73 repositories across four Microsoft GitHub organizations to contain the spread of the worm. ([stepsecurity.io](https://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-again-azure-functions-action-and-72-other-repositories-disabled-after-supply-chain-attack-targeting-ai-coding-agents?utm_source=openai))
Technical Details of the Attack
The Miasma worm operates by embedding malicious code into software packages whose install-time scripts, run automatically when the package is installed, harvest sensitive information. In the case of the Red Hat compromise, the worm used a preinstall script to execute a heavily obfuscated 4.29 MB dropper script. Through multiple layers of obfuscation and encryption, this script downloaded the Bun JavaScript runtime and launched a secondary payload designed to harvest credentials from various platforms, including GitHub, npm, AWS, Azure, Google Cloud Platform, HashiCorp Vault, Kubernetes, and developer systems. The malware also attempted to propagate by compromising additional packages belonging to the same maintainer and, in some scenarios, could destroy the maintainer’s home directory. ([microsoft.com](https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/?utm_source=openai))
In the Microsoft repositories, the worm planted configuration files that executed a credential-harvesting payload when developers opened the repository in specific development tools. This method allowed the worm to steal Secure Shell (SSH) keys, command-line interface (CLI) credentials, and browser and wallet data from developer systems. In CI/CD environments, it scraped GitHub Actions runner memory for secrets, escalated privileges using passwordless sudo, and republished poisoned packages with forged Supply-chain Levels for Software Artifacts (SLSA) provenance to continue downstream propagation. ([microsoft.com](https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/?utm_source=openai))
Implications and Response
The infiltration of Microsoft’s GitHub repositories by the Miasma worm underscores the evolving nature of supply chain attacks and the increasing sophistication of cyber threats targeting open-source ecosystems. The ability of the worm to self-replicate and propagate through legitimate channels without exploiting vulnerabilities in npm or GitHub highlights the need for enhanced security measures and vigilance within the developer community.
In response to the attack, GitHub disabled access to the compromised repositories and is conducting a thorough audit of repository permissions and security practices. Microsoft has also shared its findings with the npm team, leading to the removal of affected repositories and the implementation of additional protections on the `@redhat-cloud-services` namespace to prevent unauthorized publishing. ([microsoft.com](https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/?utm_source=openai))
Mitigation and Protection Guidance
To mitigate the risks associated with such supply chain attacks, developers and organizations are advised to:
– Review and Audit Dependencies: Regularly review and audit all dependencies and third-party packages used in projects to ensure they are from trusted sources and have not been compromised.
– Implement Least Privilege Access: Ensure that access controls follow the principle of least privilege, granting only the necessary permissions required for each user or system component.
– Monitor for Anomalous Activity: Implement monitoring solutions to detect unusual or unauthorized activities within development and CI/CD environments.
– Educate and Train Developers: Provide ongoing education and training for developers on secure coding practices and the risks associated with supply chain attacks.
– Utilize Security Tools: Employ security tools and services that can scan for vulnerabilities, detect malicious code, and provide real-time alerts for potential threats.
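As an added defensive check, not code from this article or from Microsoft, GitHub or the affected projects, the following Python script scans a repository checkout for the auto-executing configuration described in the Technical Details section (npm lifecycle scripts such as preinstall, and editor or agent files that run when a folder is opened), supporting the "Review and Audit Dependencies" and "Monitor for Anomalous Activity" items above. It assumes VS Code's `runOptions.runOn: folderOpen` task setting and a `hooks` key in `.claude/settings.json`; Gemini CLI and Cursor files are not covered, and the sample checkout it scans is constructed for the demonstration.

```python
import json
import re
import tempfile
from pathlib import Path

# npm lifecycle scripts that run on `npm install` without the developer asking (preinstall was the Miasma vector)
NPM_AUTO_SCRIPTS = {"preinstall", "install", "postinstall", "prepare"}

def _load_json(path):
    try:
        text = re.sub(r"^\s*//.*$", "", path.read_text(encoding="utf-8"), flags=re.M)  # drop full-line // comments (VS Code JSONC)
        return json.loads(text)
    except (OSError, ValueError):
        return None  # unreadable or still not valid JSON: skipped, which a real audit should also log

def scan_repo(root):
    """Return (relative path, reason) findings for auto-executing configuration in a checkout."""
    root = Path(root)
    findings = []
    for pkg in (p for p in root.glob("**/package.json") if "node_modules" not in p.parts):
        scripts = (_load_json(pkg) or {}).get("scripts", {})
        for name in sorted(NPM_AUTO_SCRIPTS & set(scripts)):
            findings.append((str(pkg.relative_to(root)), f"npm lifecycle script '{name}': {scripts[name]}"))
    # VS Code tasks with runOptions.runOn == "folderOpen" start as soon as the folder is opened
    for tasks in root.glob("**/.vscode/tasks.json"):
        for task in (_load_json(tasks) or {}).get("tasks", []):
            if task.get("runOptions", {}).get("runOn") == "folderOpen":
                findings.append((str(tasks.relative_to(root)), f"VS Code task '{task.get('label')}' runs on folderOpen"))
    # Claude Code settings: any "hooks" entry is flagged (hook key layout is assumed, not taken from the article)
    for settings in root.glob("**/.claude/settings.json"):
        data = _load_json(settings) or {}
        if data.get("hooks"):
            findings.append((str(settings.relative_to(root)), f"Claude Code hooks defined: {sorted(data['hooks'])}"))
    return findings

def build_sample_repo(root):
    """Write a constructed sample checkout (not real Miasma artefacts) containing one of each trigger."""
    root = Path(root)
    (root / "package.json").write_text(json.dumps({"name": "demo", "scripts": {"preinstall": "node setup.js", "test": "jest"}}))
    (root / ".vscode").mkdir()
    (root / ".vscode" / "tasks.json").write_text("// constructed sample\n" + json.dumps({"version": "2.0.0", "tasks": [
        {"label": "bootstrap", "type": "shell", "command": "sh ./bootstrap.sh", "runOptions": {"runOn": "folderOpen"}}]}))
    (root / ".claude").mkdir()
    (root / ".claude" / "settings.json").write_text(json.dumps({"hooks": {"SessionStart": []}}))
    return root

def demo_findings():  # scan the constructed sample in a temporary directory and return its findings
    with tempfile.TemporaryDirectory() as tmp:
        return scan_repo(build_sample_repo(tmp))
```

Run `scan_repo` against a freshly cloned checkout before opening it in an editor or running `npm install`; a non-empty result is a prompt to read the flagged file, not proof of compromise, since legitimate projects use these hooks too.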
Conclusion
The Miasma worm’s successful infiltration of Microsoft’s GitHub repositories serves as a stark reminder of the vulnerabilities inherent in modern software development and distribution practices. As cyber threats continue to evolve, it is imperative for organizations and developers to adopt comprehensive security strategies, maintain vigilance, and foster a culture of security awareness to protect the integrity of the software supply chain.