Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues
Summary
Microsoft temporarily took down some GitHub repositories after discovering that 73 of its open-source projects were compromised. An attacker injected an information stealer into the code. Microsoft is working to restore affected repositories while continuing its investigation into the Miasma incident.
IFF Assessment
FOE
The compromise of open-source projects and the injection of malware represent a direct threat to the software supply chain and developers.
Defender Context
This incident highlights the critical importance of securing the software supply chain, even within well-established platforms like GitHub. Defenders should be vigilant about the integrity of open-source components and monitor for any signs of tampering or unusual code modifications.