[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-miasma-worm-spreads-to-73-microsoft-github-repos":10},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":24,"persona_id":22,"persona_name":22,"section":22,"tags":25,"sources":29,"feedback":33,"feedback_at":22,"cost_usd":33,"total_tokens":33},341,"miasma-worm-spreads-to-73-microsoft-github-repos","Miasma worm spreads to 73 Microsoft GitHub repos","The self-replicating Miasma worm infected dozens of Microsoft repositories on June 6, prompting GitHub to disable them and warn developers.","Miasma worm hit 73 Microsoft GitHub repositories on June 6, 2026.\n\nGitHub disabled the affected repos across four Microsoft organisations — Azure, Azure‑Samples, Microsoft and MicrosoftDocs — after the worm inserted code that silently harvests developer credentials. The malicious script replicates by forking the infected repository, adding the payload, and then creating pull requests to propagate further (The Next Web). Remediation steps include revoking compromised tokens, rotating all affected credentials, and scanning repos with a clean‑room build to remove the injected code.\n\nThe incident shows supply‑chain attacks can reach even the target’s own codebases, forcing organizations to treat internal repos with the same scrutiny as third‑party dependencies.\n\nGitHub says the worm is now quarantined, but the episode underlines the need for continuous credential hygiene.","[\"supply-chain\",\"security\",\"github\"]","2026-06-06T12:46:50.000Z","2026-06-06T13:11:40.460Z","2026-06-06T13:14:47.218Z","published",null,[],"https:\u002F\u002Fcdn.xyz.onl\u002Farticle-images\u002Fmiasma-worm-spreads-to-73-microsoft-github-repos.webp",[26,27,28],"supply-chain","security","github",[30],{"name":31,"url":32},"The Next Web","https:\u002F\u002Fthenextweb.com\u002Fnews\u002Fmiasma-worm-microsoft-github-supply-chain",0]