Miasma Worm Exploits AI Coding Tools to Compromise Microsoft GitHub Repositories

A new self-replicating malware, the Miasma worm, has reportedly compromised 73 Microsoft GitHub repositories through a supply chain attack. The attack utilized previously stolen contributor credentials to inject malicious code, which then activated a credential-harvesting payload when accessed via popular AI coding tools. This incident led to the theft of credentials for various cloud platforms and developer tools, enabling its rapid spread.