Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
The Worm tag covers self-spreading malware that can spread rapidly, plus reported incidents, technical analysis, disruption efforts, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
Worms are malware programs that replicate and spread between systems without needing to attach to another file. They may move through exploitable network services, vulnerable applications, removable media, or other connected paths; the route depends on the family. Their defining concern is rapid propagation: one compromised host can seed many others, causing outages or resource exhaustion and, in some cases, delivering additional code or enabling unauthorized access.
Security teams should assess worm reports alongside the affected software and exposure details. Priorities include applying patches or mitigations, disabling unnecessary services, and segmenting networks to limit movement. Monitor for unusual scanning, repeated connection attempts, and clusters of similar infections. During an incident, isolate affected systems, restrict relevant communications where practical, preserve forensic evidence, and verify that vulnerable hosts are remediated before reconnecting them.
Weekly headline count for the current query.
The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.
AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strike within a year, researchers say.
TeamPCP, the cybercrime group behind later waves of the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it's not necessarily due to skill alone.
The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm could scale.
Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem.
A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other malware.
Augmented Marauder's multipronged banking-Trojan cyber campaigns are targeting Spanish speakers, evading detection, and replicating rapidly.
The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and interfaces.
Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify.
The latest attack from the self-replicating, npm-package poisoning worm can also steal credentials and secrets from AWS, Google Cloud Platform, and Azure.
This campaign introduces a new variant that executes malicious code during preinstall, significantly increasing potential exposure in build and runtime environments, researchers said.
The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal data, a worm, and some uniquely Brazilian quirks.
The sophisticated worm — which uses invisible code to steal credentials and turn developer systems into criminal proxies — has so far infected nearly 36k machines.
The newly emerged worm has spread across hundreds of open source software packages, stealing credentials and infecting other components without much direct attacker input.
A fresh wave of attacks on APAC government entities involves both self-propagating malware spreading via removable drives and a spear-phishing campaign.
The CE giant released its investigative findings regarding a March cyberattack that resulted in data exfiltration affecting its Japanese operations.
For a while, the botnet spread but did essentially nothing. All the malicious payloads came well after.
35 years after the Morris worm, we're still dealing with a version of the same issue: data overlapping with control.
The developers behind a widespread worm are nesting further into networks by exploiting Windows escalation opportunities faster than organizations can patch them.
The revival of the beloved online multiplayer video game was short-lived once players detected unusual activity and behavior that portended malware.