// Microsoft 365HIGH
Microsoft's Azure repositories were compromised by the Miasma worm, resulting in 73 package repositories being automatically disabled by GitHub. The attack originated from the previously compromised Microsoft Durabletask package in May 2026, which was used to distribute infected packages via PyPI. Credentials stolen during the initial attack may not have been properly revoked, enabling the continued compromise. The Durabletask package had over 400,000 monthly downloads, indicating potential downstream impact to organizations depending on these packages.
// Get alerts for Microsoft 365