Weaponized Microsoft Packages Deploy Password Stealer Malware

Emy Elsamnoudy
June 10, 2026

On June 8, 2026, Microsoft took swift action, disabling seventy-three of its GitHub repositories. This came after a self-replicating worm infiltrated a large portion of the company’s Azure Functions ecosystem.

The entire sweep happened in just 105 seconds, with all 73 repositories flagged and shut down between 19:00 and 19:02 UTC. What looked like a routine enforcement action was actually the visible tail end of a quiet, months-long intrusion.

The malware is called Miasma, also tracked under the name “The Spring Blight.” It is a worm that spreads across GitHub repositories by compromising supply-chain packages, stealing developer credentials, and replicating itself into new projects.

The attack touched four of Microsoft’s core GitHub organizations, namely Azure, Azure-Samples, microsoft, and MicrosoftDocs, taking out repositories that millions of developers rely on every single day.

Analysts at OpenSource Malware said in a report shared with Cyber Security News (CSN) that they identified the intrusion and published a detailed breakdown of how the worm moved through Microsoft’s infrastructure.

Their research connected the June 8 incident to a broader campaign involving the Shai-Hulud toolkit, which had previously targeted AWS and GitHub environments. This time, the attackers upgraded their reach to go after Azure credentials specifically.

The attack also triggered a cascading failure for developers worldwide. When GitHub disabled Azure/functions-action, every CI/CD pipeline referencing Azure/functions-action@v1 stopped working immediately.

Microsoft’s initial statement described it as an “internal management issue,” only to revise that explanation twelve minutes later once the full scale of the incident became clear.

The compromise was wide enough to shake confidence in Microsoft’s own supply chain. A credential-harvesting worm sitting at the center of the Azure Functions ecosystem is not a minor event, and the speed at which it spread showed the attackers had carefully planned the entire operation.

73 Microsoft Packages Weaponized

Miasma’s entry point was the durabletask PyPI package, which sits at the core of Microsoft’s Durable Task framework used across Node.js, Python, Java, Go, JavaScript, MSSQL, Netherite, and protobuf implementations.

The attackers pushed three malicious versions, 1.5.1, 1.5.2, and 1.5.3, to PyPI inside a 38-minute window. None of the uploads had matching tags, releases, or CI runs in the GitHub repository, a red flag that something was wrong.

Those versions quietly pulled around 31,000 downloads before anyone caught them. The malicious package contained preinstall hooks that invoked Bun against a non-robust index.js loader, which is now considered Miasma’s known execution signature.

Once inside a developer’s environment, the worm stole GitHub Actions secrets and shipped them to an external service called TempGPT.

Beyond GitHub credentials, Miasma specifically targeted Azure OIDC authentication hashes and managed-identity tokens.

These allow cloud applications to authenticate with Azure services without storing passwords directly. Stealing them gives an attacker quiet, persistent access to cloud infrastructure that is very hard to detect and revoke.

Credential Theft and Worm-Like Propagation Across Azure

Once the worm harvested credentials, it did not stop there. Miasma created public GitHub repositories in the victim’s own account, describing them as “Miasma: The Spring Blight,” and committed the stolen secrets into those repositories as JSON.

That mass-creation activity triggered GitHub’s automated terms-of-service enforcement, causing 73 repos to go dark in under two minutes.

Earlier Shai-Hulud strains had focused on AWS access keys and GitHub personal tokens. This variant extended that playbook by reaching into Azure OIDC and managed-identity layers, representing a meaningful escalation in scope and ambition.

Security researchers strongly recommend that teams using Azure Functions pipelines pin their actions to a full commit SHA rather than a floating tag like @v1. Rotating Azure OIDC tokens, managed-identity credentials, and any npm or PyPI tokens reachable from affected workflows is also a priority.

Teams should check package install hooks for preinstall scripts invoking Bun against unfamiliar index.js loaders. Until Azure/functions-action is fully restored, Microsoft’s recommended alternatives include Azure CLI, Azure DevOps Pipelines, VS Code deployment, and Zip Deploy.

Any organization using these repositories should audit their own GitHub orgs for unexplained public repos referencing the Spring Blight campaign.
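A local sweep of a repository checkout for three of the checks recommended above: action references not pinned to a full commit SHA, a preinstall hook that invokes Bun against index.js, and pins to the three malicious durabletask versions. This is an added example, not code from the article or from Microsoft; the function names, the files scanned, and treating the hook as a package.json script are assumptions.

```python
import json
import re
from pathlib import Path

# Versions come from the article's indicator table. Treating the install hook
# as an npm-style package.json "preinstall" script is an assumption.
BAD_DURABLETASK = {"1.5.1", "1.5.2", "1.5.3"}
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)", re.M)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
REQ_RE = re.compile(r"^\s*durabletask\s*==\s*([0-9][^\s;#]*)", re.M | re.I)

def unpinned_actions(workflow_text):
    """Return `uses:` references that are not pinned to a full 40-hex commit SHA."""
    found = []
    for ref in USES_RE.findall(workflow_text):
        if ref.startswith(("./", "docker://")):
            continue  # local actions and container images carry no git ref
        _, _, version = ref.partition("@")
        if not FULL_SHA_RE.match(version):
            found.append(ref)  # floating tag, branch, short SHA, or no ref at all
    return found

def suspicious_preinstall(package_json_text):
    """Return the preinstall script if it invokes Bun against an index.js, else None."""
    try:
        hook = str(json.loads(package_json_text)["scripts"]["preinstall"])
    except (ValueError, KeyError, TypeError):
        return None  # unparsable file or no preinstall hook
    return hook if re.search(r"\bbun\b", hook) and "index.js" in hook else None

def bad_durabletask_pins(requirements_text):
    """Return pinned durabletask versions that match the three malicious releases."""
    return [v for v in REQ_RE.findall(requirements_text) if v in BAD_DURABLETASK]

def scan_repo(root):
    """Walk a checkout and collect (path, finding) pairs for all three checks."""
    root, hits = Path(root), []
    for wf in sorted(root.glob(".github/workflows/*.y*ml")):
        hits += [(str(wf), f"unpinned action {r}") for r in unpinned_actions(wf.read_text())]
    for pkg in sorted(root.rglob("package.json")):
        hook = suspicious_preinstall(pkg.read_text())
        if hook:
            hits.append((str(pkg), f"preinstall hook: {hook}"))
    for req in sorted(root.rglob("requirements*.txt")):
        hits += [(str(req), f"durabletask=={v}") for v in bad_durabletask_pins(req.read_text())]
    return hits
```

Call `scan_repo(".")` from the root of a checkout; an empty list means none of the three patterns was found in the files it covers.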

| Type | Indicator | Description |
|---|---|---|
| PyPI Package Version | durabletask 1.5.1 | Malicious version of Microsoft’s Durable Task PyPI package pushed by attackers |
| PyPI Package Version | durabletask 1.5.2 | Malicious version of Microsoft’s Durable Task PyPI package pushed by attackers |
| PyPI Package Version | durabletask 1.5.3 | Malicious version of Microsoft’s Durable Task PyPI package pushed by attackers |
| External Service | TempGPT | External service used by Miasma to exfiltrate stolen GitHub Actions secrets |
| File Name | index.js | Non-robust loader targeted by Miasma’s preinstall hook execution signature |
| GitHub Action Tag | Azure/functions-action@v1 | Floating tag leveraged by the worm; pinning to full SHA is recommended |
| Malware Name | Miasma / “The Spring Blight” | Self-replicating worm responsible for compromising 73 Microsoft GitHub repositories |

Note: IP addresses and domains are intentionally defanged (e.g., [.]) to prevent accidental resolution or hyperlinking. Re-fang only within controlled threat intelligence platforms such as MISP, VirusTotal, or your SIEM.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Emy Elsamnoudy

Emy is a cybersecurity analyst and reporter specializing in threat hunting, defense strategies, and industry trends. With expertise in proactive security measures, Emily covers the tools and techniques organizations use to detect and prevent cyber attacks. She is a regular speaker at security conferences and has contributed to industry reports on threat intelligence and security operations. Emily's reporting focuses on helping organizations improve their security posture through practical, actionable insights.
