Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being compromised to inject an information stealer into the code.
“Our priority is to protect customers and the broader ecosystem,” a Microsoft spokesperson told The Hacker News via email. “We temporarily removed some repositories as we investigated potential malicious content. Some of these repos have been restored after review, while others may remain offline while work continues.”
“As part of our investigation, we notified a small number of customers who may have pulled down content from the affected repositories. We will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels.”
The development comes days after the Windows maker cut off access to dozens of its open-source projects hosted on GitHub following reports that they were compromised as part of an ongoing software supply chain campaign codenamed Miasma.
Among the projects that were infected included “durabletask,” a Python package that was first compromised last month by a cybercrime group known as TeamPCP to deliver an information stealer designed for Linux systems.
Further analysis of the Miasma payload embedded into the projects has uncovered capabilities to trigger automatic code execution when an unsuspecting developer opens the repository in an artificial intelligence (AI)-powered coding tool or integrated development environment (IDE).
The findings are the latest in a sustained software supply chain campaign that has breached widely used open-source packages to plant malware capable of propagating to downstream users and beyond.
This includes a newer PyPI wave tied to the broader Mini Shai-Hulud, Miasma, and Hades waves, infecting an additional set of 23 packages, including some bioinformatics-related libraries used in graph learning, patient phenotyping, phenopacket tooling, and scientific workflows.
Some of the other packages include a set of AI and Model Context Protocol (MCP)-themed packages and typosquat-style packages such as rsquests, tlask, and rlask that impersonate requests and flask, and a langchain-core-mcp. The complete list of legitimate and bait packages is below –
- dreamgen 1.8.1
- embiggen 0.11.97
- ensmallen 0.8.101
- gpsea 0.9.14
- instructor-mcp 1.15.2, 1.15.3
- langchain-core-mcp 1.4.2, 1.4.3
- mem8 6.0.1
- mflux-streamlit 0.0.3, 0.0.4
- openai-mcp 2.41.1, 2.41.2
- orchestr8-platform 3.3.2
- phenopacket-store-toolkit 0.1.7
- ppkt2synergy 0.1.1
- pyphetools 0.9.120
- ray-mcp-server 0.2.1
- rlask 3.1.7
- rsquests 2.34.3
- tiktoken-mcp 0.13.1, 0.13.2
- tlask 3.1.4
The new cluster employs a new payload delivery mechanism, per Socket, indicating that the threat actors are adapting and actively experimenting…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
