Dozens of Microsoft open source packages were compromised by the Miasma worm, a credential-stealing malware triggered when developers opened the files in AI coding agents. The attack leveraged stolen maintainer credentials to bypass security pipelines, necessitating that affected users assume their systems are compromised.
Edward Kiledjian
@ekiledjian