Microsoft packages hit with credential-stealing malware for second time

Seventy-three Microsoft open source packages were compromised late last week with malware that steals credentials from cloud services and developer tools. The malicious code activates when opened in AI coding agents.

Automated systems on GitHub blocked the packages after detecting the threat. GitHub disabled them citing a terms of service violation rather than labeling them malicious. Microsoft sent an email on Monday stating it had temporarily removed some repositories while investigating potential malicious content. This marks the second such incident involving a Microsoft account in recent months.

The malware, known as Miasma, uses a 28-kilobyte payload linked to threat actor TeamPCP. It targets credentials for AWS, Azure, GCP, Kubernetes, and password managers before spreading laterally. The same GitHub account was used in a May compromise of the DurableTask Python SDK. Security researchers noted the attack bypasses traditional detection by generating unique encrypted payloads for each infection.

Related articles


Meta patches AI chatbot flaw used to hijack Instagram accounts


Hackers exploited Meta's AI support chatbot to take over Instagram accounts by tricking it into changing associated email addresses. The vulnerability allowed password resets without two-factor authentication after matching locations via VPN. Meta resolved the issue with an emergency patch on May 29.

GitHub was targeted in a significant cyber attack involving malware-laden commits. The Megalodon operation affected more than 5,000 repositories.


Microsoft has released an emergency patch for a high-severity vulnerability in its ASP.NET Core framework, affecting macOS and Linux applications. Tracked as CVE-2026-40372, the flaw allows unauthenticated attackers to gain SYSTEM privileges through forged authentication payloads. The company advises immediate updates and key rotation to fully mitigate risks.

A TechRadar report states that over 29 million secrets were leaked on GitHub in 2025. The article suggests that AI is not helping and may be making the situation worse.


Daemon Tools, a popular disk image mounting app, was compromised in a supply-chain attack starting April 8, delivering malware through official updates. Security firm Kaspersky reported infections on thousands of machines across over 100 countries. Users are urged to scan their systems immediately.

Monday, 25 May 2026, 20:59:52

Trapdoor malware targets crypto and AI developers

Monday, 25 May 2026, 20:53:09

FBI warns of Kali phishing scam targeting Microsoft OAuth tokens

Friday, 22 May 2026, 04:20:28

Nearly all firms admit shipping vulnerable AI-generated code

Wednesday, 20 May 2026, 10:09:47

Microsoft warns of password reset exploits by hackers

Friday, 3 April 2026, 10:14:58

OpenClaw patches severe vulnerability granting admin access

Monday, 23 March 2026, 09:31:59

Researchers uncover leaked API keys on nearly 10,000 websites

Wednesday, 18 March 2026, 03:20:19

Infostealers Disguised as Claude Code, OpenClaw, and Other AI Tools
