AI agents & skills supply chain incidents
3 confirmed incidents affecting the ai-agents ecosystem.
- containedcritical
Miasma Worm Hits Microsoft Again: Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack Targeting AI Coding Agents
On June 5, 2026, the Miasma worm campaign compromised Microsoft's Azure GitHub organizations by pushing a malicious commit to the Azure/durabletask repository using a compromised contributor account. GitHub disabled 73 repositories across four Microsoft organizations after configuration files were planted to harvest credentials when developers opened repositories in AI coding agents like Claude Code, Gemini CLI, Cursor, or VS Code.
MiasmaAI agents & skillsMalicious commitAccount takeover - activecritical
Malware in @redhat-cloud-services/hcc-feo-mcp
Malware in @redhat-cloud-services/hcc-feo-mcp Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have
MiasmanpmAI agents & skillsCompromised package - activecritical
Malware in @tmecontinue/claude
Malware in @tmecontinue/claude Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to a
npmAI agents & skillsCompromised package