
New Supply-Chain Worms IronWorm and Miasma Target Developers via GitHub, Alongside AI and Privacy Updates
Two new supply-chain worms, IronWorm (written in Rust) and Miasma (a variant of MiniSha Halua), targeted developers by infecting GitHub repositories to steal credentials and secrets. IronWorm initially compromised a decentralized database project and focused on crypto/web3 and general software developers, using an eBPF kernel rootkit and Tor for C2 communication. Miasma, detected in early June, affected 32 Red Hat Cloud Services NPM packages across 96 versions before spreading to 73 Microsoft-owned repositories (Azure, Azure Samples, Microsoft, Microsoft Docs) on June 5, 2026, which were taken down within a 105-second window by GitHub’s automated abuse detection. The reuse of the same contributor account from May’s Durable Task Python SDK compromise suggests that credentials were never fully rotated, indicating persistent access.

A separate Meta AI vulnerability, discovered on May 31, 2026, allowed attackers to hijack 20,225 Instagram accounts via a flawed password reset flow, exploiting a missing email verification check.

Massachusetts passed the Consumer Data Privacy Act (146-0 vote), banning the sale of precise location data, while Chrome rolled out device-bound session credentials to mitigate stolen session cookie attacks.

The video highlights the escalating targeting of developer systems and AI-driven security oversights.