Dark Reading

Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories

The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month.

GitHub disables Microsoft repos pushing password-stealing malware

Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, ...
The Hacker News

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Miasma hit 73 Microsoft repos across four GitHub orgs, forcing access disablement and exposing open-source trust risks.
The Hacker News

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Virtualization Review

OpenTelemetry Pushes Deeper into Cloud Observability

CNCF graduated OpenTelemetry in May 2026. Azure Monitor, CloudWatch and Google Cloud Observability support OTLP ingestion. Kubernetes and hybrid cloud are major OpenTelemetry use cases. OpenTelemetry, ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Microsoft Threat Intelligence recently uncovered a methodical, sophisticated, and multi-layered attack, where a threat actor we track as Storm-2949 launched a relentless campaign with a singular focus ...
GitHub

configure-managed-identity-kv-secret-user.md

To allow import of the assets, assign your API center's managed identity the Key Vault Secrets User role in your Azure key vault. You can use the portal or the Azure CLI. Assign the managed identity ...