Publicly available supply-chain attack kits, commercialized RAT infrastructures, and empirically demonstrated phishing vulnerability of AI agents mark a professionalization of the threat landscape.
A self-replicating worm compromises 73 Microsoft repositories through stolen administrative credentials, exploiting the trust model of GitHub and npm without leveraging software vulnerabilities.
Attackers operate highly ranked fake pages for tools like Ghidra and dnSpy on Google, redirect users through TDS-controlled JavaScript to malware servers, and evade security analysis by filtering VPNs, data centers, and repeated access.
Microsoft restored some GitHub repos after 73 open-source projects were compromised with information-stealer malware, while keeping others offline as the security investigation continues.
A locally hosted open-source language model enables a malware prototype to perform independent reasoning, network exploration, and replication without external AI APIs.
The Hades campaign exploits manipulated PyPI packages with automatically executing setup files to steal Bun login credentials in the Python supply chain.
Simple attack techniques remain effective despite known countermeasures, while undetected intrusions over extended periods revealed gaps in anomaly detection.
Microsoft disabled 73 GitHub repositories following a compromise by the Miasma worm, responding to a direct supply-chain attack on its developer infrastructure.
The Miasma worm spreads across Microsoft repositories on GitHub, demonstrating critical vulnerability of centrally managed development ecosystems to self-replicating attack malware.