What follows next is purely speculation and it is based on my own observations and thoughts but based on what I've seen the old RBAC models, while being almost broken before, now it is fully broken, with the fact that now coding assistants and engineers are working on multiple unrelated projects simultaneously - especially working on wild experiments they had no time for previously. The risk of supply chain issue has increased dramatically in the enterprise.
Again, I am not saying it is related but I think it has an impact.
Now in many places it is encouraged by coders and managers to vibe stuff on their own devices. Soon or later it will become a problem, especially for those that have no idea what they are doing.
I am not saying it is related but I feel that it coincides perfectly.
I just cannot believe there is no underlaying thread going through all of these recent supply chain issues, and yes there are some hacking groups that specialise in this, sure, but it is because the bounty is plentiful.
show comments
bilekas
The phrasing of the title is loaded and the content phrases it as some kind of fault of open source.
Then, which I find the most amusing, proceeds to blame MicroSlop for the attempted suuply chain attack,
> Microsoft did not immediately provide the specific number of customers affected, when asked by TechCrunch.
Yeah, because that's how open source works. Tech crunch doing hard work no not explain that.
> This is Microsoft’s second known breach over the past few weeks that has allowed hackers to compromise its open source projects, per Ars Technica.
I, like many others love to knock on Microslop when I can, but in this case they did the right thing. The article phrases it like they did everything wrong, they're all at fault and shame on them for limiting the breach.
This is not the first time I've seen an article from Zack Whittaker that just rubbed me the wrong way.
> steal passwords of AI developers
This phrasing has it's own connotations. AI developers versus developers who use AI?
> This is the latest example in recent months of hackers breaching widely popular open source projects with the aim of planting malware on a large number of users who have the code installed on their computers. These hacks are known as “supply chain” attacks as they target code that is often used in a large number of software products, or by a specific kind of user, which may be advantageous to hack as they sometimes have access to cloud systems and large amounts of customers’ data.
Describes literally nothing of what a supply chain attack is, just the result of one and the reasons for their attack surface.
Very very bad reporting in my opinion. Bad breach, and I hate to admit M$ did the safe and right thing, but this 'reporting' leaves a lot to be desired.
* https://news.ycombinator.com/item?id=48450543 (Miasma Worm Hits Microsoft Again: Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack Targeting AI Coding Agents)
I strongly suspect this is a case of classic personal access tokens being used in an unclean way.
If you are going to be handing tokens to AI agents on weird openclaw contraptions, you should try to use the fine grained variants. My GitHub account spans 3 organizations with wildly differing policies. The fact that classic tokens are even still allowed blows my mind a bit. You should be required to manually opt in each organization at a minimum.
show comments
yoyohello13
I had to reset my personal Microsoft account password yesterday because I got a two factor alert about a log in attempt from Romania. I can’t figure out how they got my password though because the only Microsoft product I own is an Xbox. Even before ai though Microsoft leaks like a sieve. I wish my company would move off them, but we are locked in.
show comments
giancarlostoro
I was probably late to the party in realizing and saying it, but I've been saying for a little while, even if you don't want to use AI because "the code is bad" or whatever, I highly suggest you consider having AI auditing code and services for security, or literally anything that scans code for vulnerabilities.
The attack vector isn't just plugins that steal your data, but also 0-day exploits in just about any software you use, and even your own web services being exploited by a script kiddy with an LLM. There will be an increase in hacks and it's only going to get worse, so anyone not investing in cyber security audits and auditing tools should really reconsider.
show comments
haute_cuisine
Please, someone explain how it's possible to add obfuscated file to so many repositories? Do they don't have any code reviews?
Also, the title is misleading, setup adds config to be auto executed by people who work on the repo. They would have to use vscode/cursor/claude/gemini. People who use codex / opencode / other harnesses are safe I guess.
Wasn't there some directive within Microsoft to fix their security issues?
How many other OSS repos of similarly sized companies get compromised like this?
No one ever got fired for choosing IBM or AWS - but apparently Microsoft has a decades long free pass everywhere.
Insane.
zihotki
And the best recommendation security teams can give - keep your SBOM strict, use min release age policy (sounds more like band-aid). That's a scary world to live in.
show comments
minraws
Remember folks Microsoft has Mythos access
abc3354
"No way to prevent this" say users of only package manager where this... Oh no sorry I thought this was Javascript Haters weekly meetup
raincole
> steal passwords of AI developers
What does this even mean?
The malware specifically steals passwords from developers who use AI? From those who develop AI tool? Or it steals API tokens, which serve a similar function as passwords do for humans?
Is this what journalism looks like today? Just slap the two holy letters on the title and you get views?
And the criminals found that Microsoft has yet to produce and AI worth stealing. A deeply ironic twist.
show comments
axegon_
I hate to be the "I told you" guy but... I told you and have been for years. And every time I do, a flock of sloppers come to say "but have you tried the claude sloppus, it's so good man, I haven't written any code in X months". Well.. Enjoy.
dude250711
The Age of Agentic Development.
show comments
yossufyahia
It actually feels like nothing is safe now every day you hear about hacking is it from the ai making development weak or ai is getting strong in hacking
show comments
shevy-java
GitHub keeps on having problems a LOT in the last months.
Skynet is winning now.
devilfileprong
Waze can be a psi to vibe code vanilla at the end of the day or bubblesort (RBAC) Knit365,the clippy knitting assistant support hotline can hotnet to mortal Kombat as k2tog Cymux,we lost the Sigint.
349187
Good. Let it all implode.
ares623
guys. what the fuck. are we even doing.
show comments
jrm4
I have not read the article, but it's interesting to be at a point where the headline is so bad that it deserves commenting on its own; i.e. understanding that there is no way possible for the connotation (not denotation) of the headline to be "correct."
The connotation here being either "open source is dangerous" or "Microsoft's specific brand of open source is dangerous" -- which coincidentally provides good clickbait for both "pro-open source" and "anti open source" types.
Anyway, not reading. They should do better.
TZubiri
another day, another supply chain vulnerability
pluc
If you want to be taken seriously, don't use Windows.
What follows next is purely speculation and it is based on my own observations and thoughts but based on what I've seen the old RBAC models, while being almost broken before, now it is fully broken, with the fact that now coding assistants and engineers are working on multiple unrelated projects simultaneously - especially working on wild experiments they had no time for previously. The risk of supply chain issue has increased dramatically in the enterprise.
Again, I am not saying it is related but I think it has an impact.
Now in many places it is encouraged by coders and managers to vibe stuff on their own devices. Soon or later it will become a problem, especially for those that have no idea what they are doing.
I am not saying it is related but I feel that it coincides perfectly.
I just cannot believe there is no underlaying thread going through all of these recent supply chain issues, and yes there are some hacking groups that specialise in this, sure, but it is because the bounty is plentiful.
The phrasing of the title is loaded and the content phrases it as some kind of fault of open source.
Then, which I find the most amusing, proceeds to blame MicroSlop for the attempted suuply chain attack,
> Microsoft did not immediately provide the specific number of customers affected, when asked by TechCrunch.
Yeah, because that's how open source works. Tech crunch doing hard work no not explain that.
> This is Microsoft’s second known breach over the past few weeks that has allowed hackers to compromise its open source projects, per Ars Technica.
I, like many others love to knock on Microslop when I can, but in this case they did the right thing. The article phrases it like they did everything wrong, they're all at fault and shame on them for limiting the breach.
This is not the first time I've seen an article from Zack Whittaker that just rubbed me the wrong way.
> steal passwords of AI developers
This phrasing has it's own connotations. AI developers versus developers who use AI?
> This is the latest example in recent months of hackers breaching widely popular open source projects with the aim of planting malware on a large number of users who have the code installed on their computers. These hacks are known as “supply chain” attacks as they target code that is often used in a large number of software products, or by a specific kind of user, which may be advantageous to hack as they sometimes have access to cloud systems and large amounts of customers’ data.
Describes literally nothing of what a supply chain attack is, just the result of one and the reasons for their attack surface.
Very very bad reporting in my opinion. Bad breach, and I hate to admit M$ did the safe and right thing, but this 'reporting' leaves a lot to be desired.
These seem related:
* https://news.ycombinator.com/item?id=48418318 (The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds)
* https://news.ycombinator.com/item?id=48450543 (Miasma Worm Hits Microsoft Again: Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack Targeting AI Coding Agents)
* https://news.ycombinator.com/item?id=48416155
* https://news.ycombinator.com/item?id=48416269 (Miasma Worm Targets AI Coding Agents via GitHub Repos)
I strongly suspect this is a case of classic personal access tokens being used in an unclean way.
If you are going to be handing tokens to AI agents on weird openclaw contraptions, you should try to use the fine grained variants. My GitHub account spans 3 organizations with wildly differing policies. The fact that classic tokens are even still allowed blows my mind a bit. You should be required to manually opt in each organization at a minimum.
I had to reset my personal Microsoft account password yesterday because I got a two factor alert about a log in attempt from Romania. I can’t figure out how they got my password though because the only Microsoft product I own is an Xbox. Even before ai though Microsoft leaks like a sieve. I wish my company would move off them, but we are locked in.
I was probably late to the party in realizing and saying it, but I've been saying for a little while, even if you don't want to use AI because "the code is bad" or whatever, I highly suggest you consider having AI auditing code and services for security, or literally anything that scans code for vulnerabilities.
The attack vector isn't just plugins that steal your data, but also 0-day exploits in just about any software you use, and even your own web services being exploited by a script kiddy with an LLM. There will be an increase in hacks and it's only going to get worse, so anyone not investing in cyber security audits and auditing tools should really reconsider.
Please, someone explain how it's possible to add obfuscated file to so many repositories? Do they don't have any code reviews?
Also, the title is misleading, setup adds config to be auto executed by people who work on the repo. They would have to use vscode/cursor/claude/gemini. People who use codex / opencode / other harnesses are safe I guess.
Details: https://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-...
And we trust these people with the root CA cert in our Secure Boot?
Nobody should do 'npm install' or 'pip install' on their machine.
Using a proper sandboxing(https://github.com/ashishb/amazing-sandbox) regularly will drastically limit the blast radius of these attacks.
Wasn't there some directive within Microsoft to fix their security issues?
How many other OSS repos of similarly sized companies get compromised like this?
No one ever got fired for choosing IBM or AWS - but apparently Microsoft has a decades long free pass everywhere.
Insane.
And the best recommendation security teams can give - keep your SBOM strict, use min release age policy (sounds more like band-aid). That's a scary world to live in.
Remember folks Microsoft has Mythos access
"No way to prevent this" say users of only package manager where this... Oh no sorry I thought this was Javascript Haters weekly meetup
> steal passwords of AI developers
What does this even mean?
The malware specifically steals passwords from developers who use AI? From those who develop AI tool? Or it steals API tokens, which serve a similar function as passwords do for humans?
Is this what journalism looks like today? Just slap the two holy letters on the title and you get views?
(Yes, I read the article. No, I still don't think the title makes sense. You can skip this techchurch slop and read the real information here: https://opensourcemalware.com/blog/miasma-reaches-azure)
Their source has the list of the 73 disabled repositories: https://opensourcemalware.com/blog/miasma-reaches-azure
Note that also the homebrew-tap was affected: homebrew-functions
Can't say I expect better. This is part of why I've been jumping away from things acquired/owned by them for the past 13+ years.
https://archive.is/bnm7u
And the criminals found that Microsoft has yet to produce and AI worth stealing. A deeply ironic twist.
I hate to be the "I told you" guy but... I told you and have been for years. And every time I do, a flock of sloppers come to say "but have you tried the claude sloppus, it's so good man, I haven't written any code in X months". Well.. Enjoy.
The Age of Agentic Development.
It actually feels like nothing is safe now every day you hear about hacking is it from the ai making development weak or ai is getting strong in hacking
GitHub keeps on having problems a LOT in the last months.
Skynet is winning now.
Waze can be a psi to vibe code vanilla at the end of the day or bubblesort (RBAC) Knit365,the clippy knitting assistant support hotline can hotnet to mortal Kombat as k2tog Cymux,we lost the Sigint.
Good. Let it all implode.
guys. what the fuck. are we even doing.
I have not read the article, but it's interesting to be at a point where the headline is so bad that it deserves commenting on its own; i.e. understanding that there is no way possible for the connotation (not denotation) of the headline to be "correct."
The connotation here being either "open source is dangerous" or "Microsoft's specific brand of open source is dangerous" -- which coincidentally provides good clickbait for both "pro-open source" and "anti open source" types.
Anyway, not reading. They should do better.
another day, another supply chain vulnerability
If you want to be taken seriously, don't use Windows.