> The credential-stealing function in the Miasma worm infecting the Microsoft packages was triggered as soon as a developer opened it in AI agents, including Claude Code, Gemini CLI, Cursor, and VS Code. Follow-on attacks are likely to occur in the highly feasible event that credentials were successfully harvested from machines that opened the packages in one of the affected AI agents.
It's really crazy that the most valuable companies in the world are suddenly allowing or even encouraging their employees to run programs whose entire functionality is undefined behavior right on their work computers, with access to important credentials and proprietary source code.
> The credential-stealing function in the Miasma worm infecting the Microsoft packages was triggered as soon as a developer opened it in AI agents, including Claude Code, Gemini CLI, Cursor, and VS Code. Follow-on attacks are likely to occur in the highly feasible event that credentials were successfully harvested from machines that opened the packages in one of the affected AI agents.
It's really crazy that the most valuable companies in the world are suddenly allowing or even encouraging their employees to run programs whose entire functionality is undefined behavior right on their work computers, with access to important credentials and proprietary source code.
That’s just lovely.