GitHub Disables 70+ Microsoft Repositories Amid Suspected Miasma Worm Re-infection
GitHub has taken down over 70 Microsoft repositories following suspected infections by the Miasma worm, disrupting CI/CD pipelines and highlighting a potential re-compromise of a previously targeted package.

GitHub has disabled more than 70 Microsoft repositories after they were compromised by a worm, marking the latest incident in the ongoing saga of open-source supply chain attacks. The code hosting platform took down 73 repositories within a span of 105 seconds on Friday, June 5, after its automated systems detected signs of the Miasma worm in those projects, according to security firm StepSecurity.
Users began reporting issues on Friday: attempts to access the affected repositories returned a message stating that they had been disabled due to terms of service violations. StepSecurity's analysis revealed that the attack originated from a compromised contributor account that pushed malicious code to the Azure/durabletask repository. This malicious commit included configuration files designed to trigger remote code execution when a developer opened the repository in an Integrated Development Environment (IDE) or an AI coding tool, such as Claude Code, Gemini CLI, and Cursor.
The immediate impact was felt by developers whose Continuous Integration and Continuous Deployment (CI/CD) pipelines were broken. One such affected repository was Azure/functions-action, a crucial component for deploying code to Azure. Its takedown caused workflows referencing it to stop resolving, leading to widespread disruption.
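As an added example (not code from StepSecurity, GitHub, or Microsoft), the following sketch inventories which workflow steps reference a disabled upstream repository such as Azure/functions-action, so a team can see which pipelines will stop resolving. The function names, the `DISABLED_REPOS` set and the sample workflow are constructed for illustration.

```python
import re

# Assumption: populate with the disabled repositories you depend on.
# Azure/functions-action is the one this article names as taken down.
DISABLED_REPOS = {"azure/functions-action"}

# Matches "uses: target" or "- uses: target"; commented-out lines do not match.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")
SHA_RE = re.compile(r"[0-9a-f]{40}")

def parse_uses(line):
    """Return (owner/repo, ref) for a remote action or reusable workflow, else None."""
    m = USES_RE.match(line)
    if not m:
        return None
    target = m.group(1)
    if target.startswith(("./", "docker://")):
        return None  # local action or container image, not a GitHub repository
    path, _, ref = target.partition("@")
    parts = path.split("/")
    if len(parts) < 2:
        return None
    # Sub-path actions (owner/repo/dir@ref) still resolve through owner/repo.
    return "/".join(parts[:2]).lower(), ref

def audit_workflow(name, text, disabled=DISABLED_REPOS):
    """List (file, line, repo, ref, pinned_to_sha) for steps using a disabled repo."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        parsed = parse_uses(line)
        if parsed and parsed[0] in disabled:
            repo, ref = parsed
            findings.append((name, lineno, repo, ref, bool(SHA_RE.fullmatch(ref))))
    return findings

# Constructed sample workflow, not taken from any real repository.
SAMPLE = """\
name: deploy
on: push
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Publish
        uses: "Azure/functions-action@v1"
      # - uses: Azure/functions-action@v0
      - uses: ./local-action
      - uses: docker://alpine:3.20
"""

if __name__ == "__main__":
    for finding in audit_workflow("deploy.yml", SAMPLE):
        print(finding)
```

The `pinned_to_sha` field is informational: a step pinned to a commit SHA fails to resolve just like one pinned to a tag while the upstream repository is disabled.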
GitHub's automated detection systems intervened swiftly, disabling the repositories in two separate waves within minutes of the malicious commits being identified. However, the re-targeting of the durabletask family of packages strongly suggested a connection to a previous Miasma worm attack that had impacted Microsoft in May. The durabletask PyPI package was previously targeted on May 19, with malicious versions uploaded that planted infostealers designed to exfiltrate cloud secrets and developer tool configurations from Linux systems.
The renewed focus on durabletask indicates that the authentication tokens associated with the compromised developer account used in the earlier PyPI attack may not have been fully rotated, or the contributor account was re-compromised. Alternatively, a different contributor's account might have been used, with the attacker altering metadata to mimic a repeat attack.
Security researchers at Snyk have identified Miasma as a descendant of the Mini Shai-Hulud worm, which had previously affected numerous open-source packages on the npm registry, including those from Red Hat. While the cybercrime group TeamPCP claimed responsibility for developing Mini Shai-Hulud, it remains unclear if they are also behind the Miasma variant or if a different actor has taken over the project.
Just two days before the Microsoft incident, the Miasma worm was observed compromising over 50 packages on npm, including a Vapi.ai SDK with significant download numbers. This pattern underscores the persistent and evolving nature of supply chain threats targeting the open-source ecosystem, with developers' tools and environments serving as prime vectors for compromise.
The Miasma worm, a variant of Mini Shai-Hulud, has impacted 73 Microsoft repositories across the Azure, Azure-Samples, Microsoft, and MicrosoftDocs organizations. This incident led GitHub to disable access to the affected repositories, indicating a significant supply chain compromise within Microsoft's development infrastructure.