The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain ...
Pen Test Partners

ClickFix, CrashFix and the growing family of copy and paste attacks

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...

Update Chrome ASAP to protect yourself from this active exploit

If you use Chrome, you're vulnerable until you install this update.
Techlomedia

73 Microsoft GitHub Repos Compromised in Miasma Malware Attack

Microsoft has confirmed that it temporarily removed several GitHub repositories after a large-scale malware campaign ...

npm tackles its riskiest security issues

With npm v12, GitHub closes a central attack vector: installation scripts from dependencies will only run after explicit ...
JD Supra

When the worm targets the assistant: Miasma turns AI coding agents into the trigger

GitHub disabled 73 repositories across four Microsoft organizations on June 5 after the self-replicating supply-chain campaign known as ...

Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...
SecurityWeek

Microsoft Patches Exploited Exchange Server Vulnerability

Microsoft’s latest Patch Tuesday updates resolve an actively exploited Exchange Server vulnerability tracked as ...
Graham Cluley

Smashing Security podcast #471: This AI worm just rewrote its own rules

Researchers at the University of Toronto have built a worm that thinks for itself. Using free off-the-shelf AI models it ...