For the 2nd time in weeks, Microsoft packages laced with credential stealer
cdrnsf
40 points
2 comments
June 08, 2026
Related Discussions
Found 5 related stories in 108.2ms across 10,324 title embeddings via pgvector HNSW
- Microsoft's open source tools were hacked to steal passwords of AI developers raffael_de · 533 pts · June 09, 2026 · 62% similar
- Official SAP NPM packages compromised to steal credentials Brajeshwar · 30 pts · April 30, 2026 · 61% similar
- Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own Brajeshwar · 16 pts · May 16, 2026 · 58% similar
- Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found nyxgeek · 86 pts · March 20, 2026 · 57% similar
- Mystery Microsoft bug leaker keeps the zero-days coming e12e · 104 pts · May 14, 2026 · 57% similar
Discussion Highlights (2 comments)
rbanffy
That’s just lovely.
connorboyle
> The credential-stealing function in the Miasma worm infecting the Microsoft packages was triggered as soon as a developer opened it in AI agents, including Claude Code, Gemini CLI, Cursor, and VS Code. Follow-on attacks are likely to occur in the highly feasible event that credentials were successfully harvested from machines that opened the packages in one of the affected AI agents. It's really crazy that the most valuable companies in the world are suddenly allowing or even encouraging their employees to run programs whose entire functionality is undefined behavior right on their work computers, with access to important credentials and proprietary source code.