Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Saturday, June 6, 2026 at 06:58 AM UTC·Source: The Hacker News

Updated: Saturday, June 6, 2026 at 08:00 AM UTC

Executive Summary

Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories. "Access to this

Analysis

Source Attribution

Originally published by The Hacker News on Jun 6, 2026.

Related Threats

MEDIUMSupply Chain

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the "npm install" command to trigger the execution of malicious code using npm lifecycle hooks. "Npm install" is used to download and install all the necessary

4h agoThe Hacker News

LOWSupply Chain

GitHub finally pulls the plug on automatic install script execution for npm

The ability for attackers to leverage automatic install script execution in npm will finally come to an end when expected changes arrive from GitHub in July. Coders will still be able to enable the function, but the default setting will block it. In V12, default settings are changing, GitHub said in its changelog , noting, “it turns an npm install behavior that runs automatically today into one yo

9h agoCSO Online

MEDIUMSupply Chain

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub. [...]

14h agoBleepingComputer