-
Posts
-
By Aditya Tiwari · Posted
Microsoft had to shut down 70+ GitHub repos after getting hacked, brings back some by Aditya Tiwari The self-replicating malware campaign known as Miasma took the open-source world by storm. It was reported that almost 73 Microsoft GitHub repositories were infected by the worm and had to be temporarily shut down to determine how attackers compromised projects and stuffed password-stealing malware in the code. These GitHub repos span across different organizations, including Microsoft Azure, Azure-Samples, Microsoft, and MicrosoftDocs. The malware enabled attackers to steal passwords and credentials when compromised tools were opened in popular AI coding apps, including Claude Code, Gemini CLI, VS Code, and Cursor. The security firm Cloudsmith, malware analysis site OpenSourceMalware, and 404 Media were among the first to report the hack. For background, Miasma is a variant of the Mini Shai-Hulud worm, open-sourced by the threat group TeamPCP. It started its journey by compromising a Red Hat employee's GitHub account to attack the @redhat-cloud-services npm namespace. Earlier this month, Microsoft Threat Intelligence reported that the Miasma attackers published 32 malicious packages across more than 90 versions under the @redhat-cloud-services npm scope to steal cloud credentials. The worm didn't take long to start attacking source repos directly rather than package registries. It is known to skip the npm registry entirely for several targets and plant malicious code straight into public repos like "icflorescu/mantine-datatable." The delivery approach was designed to weaponize AI coding tools. Miasma's malicious payload embedded into projects can trigger automatic code execution when the infected repo is opened in an AI coding tool or IDE. The list of affected projects includes "durabletask", a Python package compromised by TeamPCP a month earlier to deliver an information stealer designed for Linux systems. That said, Microsoft has begun restoring some repos affected by the malware campaign, The Hacker News reports. A company spokesperson stated the following: Microsoft will continue to investigate the attack. It has notified a small number of customers who may have removed their content from the affected repos. The company will reach out to customers again through established support channels "if anything further is identified that requires customer action." -
By RejZoR · Posted
Why is Opera doing this notification at all? They have their own extension store. They don't have to obey anything dictated by Google. Others like Brave and Vivaldi that rely on Chrome's extension store, not so much. Firefox is entirely separate as well with its own extensions store. I honestly don't understand why entire world is just insisting on Chrome. Like, why? It's a stupid fat browser with barely any functionality. But sure, it's installed on everything by default. I don't understand how people even use web that's filled with tracking garbage and ads all over the place. -
-
-
By rseiler · Posted
Just for anyone reading, AdGuard (the free, standalone MV3 extension) is quite good now, a direct competitor to uBlock Origin Lite and much more built-out than it.
-
-
Recent Achievements
-
rubentuben8 earned a badge
Week One Done
-
ARaclen earned a badge
Week One Done
-
jojodbn earned a badge
One Year In
-
jojodbn earned a badge
One Month Later
-
jojodbn earned a badge
Week One Done
-
-
Popular Contributors
-
Tell a friend
.thumb.png.b7089ebbdf00d96b3b92dddbd04bac02.png)
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now