Kevin Beaumont5d ago

It looks like Microsoft's DevOps libraries for Azure Functions might have been compromised. No statement yet but Github is nuking Microsoft's own repos.

https://opensourcemalware.com/blog/miasma-reaches-azure

The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds

GitHub disabled 73 Microsoft repositories across four of its GitHub organizations — the entire Azure Functions org, the whole Durable Task family, and a row of AI sample apps — in a 105-second sweep on June 5. The recompromised durabletask package sits at the center, and the fingerprints point at the open-sourced Miasma worm.

Show threadKevin Beaumont5d ago

RE: https://infosec.exchange/@cirriustech/116698961191700971

Companion thread.

Show threadKevin Beaumont2d ago
As far as I know there's no public statement from Microsoft yet, but yes, I've heard they've been compromised and have been serving compromised code.
Show threadDavid Penfold 

@GossiTheDog Could this be linked? They've stubbornly refused to do anything about VS Code supply chain risks for years now.

https://infosec.exchange/@CyberSecurityNewsDaily/116714655896207665

CyberSecurityNewsDaily (@[email protected])

⚡ THREAT INTEL: VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Sup Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in Source: https://thehackernews.com/2026/06/vs-code-adds-2-hour-extension-auto.html #ThreatIntel #CyberSecurity #InfoSec

Infosec Exchange
Jun 8 at 2:17pmWeb