Miasma Worm Compromises 73 Microsoft GitHub Repositories, Stealing Cloud Credentials
A sophisticated worm named Miasma, also known as 'The Spring Blight,' infected 73 Microsoft GitHub repositories, including Azure and Azure-Samples, by weaponizing the durabletask PyPI package to steal developer credentials and Azure OIDC/managed-identity tokens.

A self-replicating worm, dubbed Miasma and also tracked as 'The Spring Blight,' has compromised 73 Microsoft GitHub repositories, impacting critical components of the Azure Functions ecosystem. The rapid intrusion, which occurred over a mere 105 seconds on June 8, 2026, saw all affected repositories flagged and disabled by GitHub. This incident, initially described by Microsoft as an internal management issue, was later revealed to be a significant supply-chain attack targeting cloud infrastructure credentials.
The worm's entry point was the durabletask PyPI package, a core component for Microsoft's Durable Task framework used across multiple programming languages. Attackers pushed three malicious versions (1.5.1, 1.5.2, and 1.5.3) to the Python Package Index (PyPI) within a short 38-minute window. These compromised packages, which garnered approximately 31,000 downloads, contained preinstall hooks designed to execute malicious code, specifically invoking Bun against a non-robust index.js loader.
Once executed within a developer's environment, Miasma was designed to exfiltrate sensitive information. It targeted GitHub Actions secrets, sending them to an external service named TempGPT. More critically, the malware specifically sought out Azure OIDC authentication hashes and managed-identity tokens. These tokens let cloud applications authenticate with Azure services without storing explicit passwords, which makes them a high-value target for persistent, stealthy access.
Beyond credential theft, Miasma exhibited worm-like propagation capabilities. After harvesting secrets, it created public GitHub repositories within the victim's own account, naming them "Miasma: The Spring Blight," and committed the stolen secrets as JSON files. This mass creation of repositories triggered GitHub's automated terms-of-service enforcement, leading to the swift shutdown of the 73 repositories.
This attack represents a significant escalation from previous campaigns. Researchers noted that earlier strains of the related Shai-Hulud toolkit primarily targeted AWS access keys and GitHub personal tokens. The Miasma variant expanded its scope to include Azure OIDC and managed-identity layers, demonstrating a heightened ambition and a deeper understanding of cloud-native authentication mechanisms.
The compromise had immediate and widespread repercussions for developers worldwide. The disabling of the Azure/functions-action repository halted all CI/CD pipelines that referenced it, disrupting development workflows. Microsoft's initial underestimation of the incident's scale highlighted the stealthy nature of the attack and the challenges in detecting such sophisticated supply-chain compromises.
Security researchers are urging organizations to adopt stringent security practices. Recommendations include pinning Azure Functions pipeline actions to full commit SHAs rather than floating tags like @v1, and promptly rotating any Azure OIDC tokens, managed-identity credentials, and package manager tokens that might have been exposed. Auditing GitHub organizations for unexplained public repositories referencing the Spring Blight campaign is also advised.
As a mitigation, Microsoft has suggested alternatives to the compromised Azure/functions-action, including Azure CLI, Azure DevOps Pipelines, VS Code deployment, and Zip Deploy. The incident underscores the persistent threat posed by supply-chain attacks and the critical need for robust security measures within the open-source software ecosystem, particularly for cloud infrastructure components.