Ars Technica reports that 73 Microsoft open source packages and repositories were hit by a self-replicating credential stealer designed to run when opened by an AI agent, marking another Miasma/Shai-Hulud-style supply-chain compromise targeting developer credentials.
For the 2nd time in weeks, Microsoft packages laced with credential stealer
Ars Technica reports that 73 Microsoft open source packages and repositories were hit by a self-replicating credential stealer designed to run when opened by an AI agent, marking another Miasma/Shai-Hulud-style supply-chain compromise targeting developer credentials.
Source: Arstechnica