ATLAS · LIVE
ATLAS INDEX
Δ 24H
ACTIVE SOURCES20
HOTSPOTS20
TIME20:41:08 UTC
← All briefs
HIGHCyber IntelligenceSunday, June 7, 2026

Miasma Worm Compromises 73 Microsoft GitHub Repositories

Self-replicating supply chain attack hits Azure, Azure-Samples, Microsoft, and MicrosoftDocs organizations; GitHub disables affected repositories.

Microsoft has confirmed that 73 of its GitHub repositories were compromised in the Miasma supply chain attack, a self-replicating worm campaign targeting open-source infrastructure. The affected repositories span four Microsoft organizations: Azure, Azure-Samples, Microsoft, and MicrosoftDocs.

GitHub has disabled access to the compromised repositories in response to the incident. The attack was identified by OpenSourceMalware, which tracks supply chain threats in public code repositories. The Miasma campaign represents a continuation of self-replicating attacks that exploit trust relationships in software development workflows.

Supply chain attacks targeting GitHub repositories pose systemic risk because developers routinely pull code from trusted organizational accounts. Compromised Microsoft repositories carry particular weight given the company's footprint across enterprise and cloud infrastructure. The worm's self-replicating nature means initial infection can cascade through dependent projects without further attacker intervention.

The rest of this brief is inside the platform

Continue reading. Free.

A free Atlas account unlocks the full briefing, the co-analyst, daily delivery to your inbox, and a sector-personalised feed.

Full brief
Implications, sources, methodology
Co-Analyst
Ask follow-ups on every brief
Sector feed
Briefs filtered to what matters to you
Implications
  • 01Development teams using affected Microsoft repositories face potential code integrity compromise.
  • 02Enterprises must audit dependencies pulled from Microsoft GitHub organizations during exposure window.
  • 03Open-source supply chain defenses require repository-level integrity monitoring, not just package scanning.
Source
The Hacker News
https://thehackernews.com/2026/06/miasma-worm-hits-73-microsoft-github.html
Brief is editorial commentary by Atlas Intelligence based on the cited public reporting. Atlas does not reproduce source text. Verify primary source before action.
#supply chain#github#microsoft#miasma#open source#worm
Related Briefs