Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem.
Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify.
The sophisticated worm — which uses invisible code to steal credentials and turn developer systems into criminal proxies — has so far infected nearly 36k machines.