Microsoft’s GitHub Repositories Compromised in AI Coding Agent Supply-Chain Attack

by Anika Shah - Technology

Miasma Worm Exploits AI Coding Tools to Compromise 73 Microsoft GitHub Repositories

On June 5, 2026, a sophisticated supply-chain attack compromised 73 Microsoft GitHub repositories, leveraging AI coding tools to steal cloud and developer credentials. The incident, attributed to the Miasma worm, underscores critical vulnerabilities in open-source software ecosystems and AI-assisted development workflows.

How the Attack Unfolded

The breach began when attackers exploited previously compromised contributor credentials to push a malicious commit to the Azure/durabletask repository. This commit, backdated to 2020 with a misleading “[skip ci]” message, introduced configuration files designed to trigger a credential-harvesting payload when opened in AI coding tools like Claude Code, Gemini CLI, Cursor, and VS Code.

The payload, a 4.3–4.5 KB module, harvested credentials for cloud platforms (AWS, Azure, GCP), Kubernetes, password managers, and over 90 developer tool configurations. It then spread laterally through cloud infrastructures, infecting additional repositories. GitHub disabled the affected repositories in an automated sweep lasting 105 seconds, disrupting CI/CD pipelines reliant on Azure/functions-action.
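A defender-side check for the commit pattern described above, added here as an example and not code from the article, StepSecurity or Microsoft: it parses `git log` output and flags commits that combine a backdated author date, a CI-suppressing subject and changes to AI agent configuration files. The watch-list of config paths is an assumption, since the article does not name the files the attackers planted.

```python
import re
# Signals from the commit described above: a "[skip ci]" subject and an author
# date years before the commit date. The watch-list of agent config paths is an
# assumption; the article does not name the files the attackers planted.
SKIP_CI = re.compile(r"\[(skip ci|ci skip)\]", re.IGNORECASE)
AGENT_CONFIG = (".cursor/", ".claude/", ".gemini/", ".vscode/", "CLAUDE.md", "GEMINI.md")
BACKDATE_DAYS = 30   # author date this far before commit date counts as backdated
THRESHOLD = 2        # independent signals needed to flag a commit

def parse_log(text):
    """Parse `git log --format='%x00%H|%at|%ct|%s' --name-only` output into dicts."""
    commits = []
    for line in text.splitlines():
        if line.startswith("\x00"):
            sha, a_ts, c_ts, subject = line[1:].split("|", 3)
            commits.append({"sha": sha, "author_ts": int(a_ts),
                            "commit_ts": int(c_ts), "subject": subject, "files": []})
        elif line.strip() and commits:
            commits[-1]["files"].append(line.strip())
    return commits

def signals(commit):
    """Return the independent reasons a commit resembles the pattern."""
    reasons = []
    gap_days = (commit["commit_ts"] - commit["author_ts"]) // 86400
    if gap_days > BACKDATE_DAYS:
        reasons.append(f"author date {gap_days} days before commit date")
    if SKIP_CI.search(commit["subject"]):
        reasons.append("subject suppresses CI")
    touched = [f for f in commit["files"] if f.startswith(AGENT_CONFIG)]
    if touched:
        reasons.append("touches agent config: " + ", ".join(touched))
    return reasons

def scan(text):
    """Map sha -> reasons for every commit with at least THRESHOLD signals."""
    flagged = {}
    for commit in parse_log(text):
        reasons = signals(commit)
        if len(reasons) >= THRESHOLD:
            flagged[commit["sha"]] = reasons
    return flagged

# Constructed sample log, not data from the incident.
SAMPLE_LOG = (
    "\x00aaaa1111|1600000000|1780000000|chore: refresh tool config [skip ci]\n.cursor/rules/setup.mdc\nCLAUDE.md\n\n"
    "\x00bbbb2222|1780000100|1780000100|fix: handle client timeout\nsrc/client.py\n\n"
    "\x00cccc3333|1780000200|1780000200|docs: fix typo [skip ci]\nREADME.md\n"
)
```

Feed `scan` the output of that `git log` command for a real repository; on the constructed sample only the first commit is flagged, because a lone "[skip ci]" on a documentation change is routine and should not page anyone.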

Link to TeamPCP and the Miasma Worm

Security firm StepSecurity linked the attack to the threat actor TeamPCP, which previously compromised Microsoft’s durabletask Python SDK on PyPI in mid-May 2026. The Miasma worm, a clone of TeamPCP’s Mini Shai-Hulud toolkit, exploited Microsoft’s OIDC (OpenID Connect) tokens to bypass repository security measures. This technique allowed the attackers to sidestep the PyPI and GitHub build pipelines entirely.


The malware also targeted SLSA (Supply-chain Levels for Software Artifacts) provenance attestation, a method for cryptographically verifying software integrity. By stealing OIDC tokens, the attackers could forge trusted credentials, enabling the malware to propagate undetected.

Microsoft’s Response and Industry Reactions

Microsoft initially stated, “We have temporarily removed some repositories as we investigate
