#miasma Tech News.

3 stories in the last 7 days

The latest miasma news, distilled by AI into sharp ~100-word summaries. ByteBrief tracks miasma across dozens of tech sources and brings you only what matters, updated hourly. Tap any story for the full brief, or open the original source.

DevBleepingComputer4 days ago

The 'Miasma' worm source code briefly leaked on GitHub

The Miasma credential-stealing worm source code was deliberately leaked on GitHub via compromised developer accounts. The malware autonomously infects machines, steals cloud and CI/CD credentials, and propagates through supply chains by publishing trojanized packages. It targets npm, PyPI, RubyGems, and AI coding tools.

Read summary Source

AIThe Register6 days ago

Miasma worm toolkit goes open source on GitHub

Someone open sourced the Miasma supply-chain attack toolkit on GitHub, likely using compromised developer accounts. SafeDep spotted the repos, which contain code for attacking PyPI, npm, RubyGems, JFrog Artifactory, GitHub Actions, and SSH. The worm previously hit over 100 Red Hat and Microsoft projects, with 473 affected artifacts tracked by Socket.

Read summary Source

AIThe Register7 days ago

GitHub disables 73 repos after Miasma worm attack

GitHub disabled 73 repositories in 105 seconds after detecting the Miasma worm, which spread via a malicious commit to Azure/durabletask. The commit triggered remote code execution when opened in IDEs like Claude Code and Cursor. The takedown of Azure/functions-action broke CI/CD pipelines for developers.

Read summary Source

Summaries by ByteBrief