alt.hn

6/9/2026 at 7:33:16 AM

Microsoft's open source tools were hacked to steal passwords of AI developers

 https://techcrunch.com/2026/06/08/microsofts-open-source-tools-were-hacked-to-steal-passwords-of-ai-developers/

by raffael_de

6/9/2026 at 8:36:22 AM

What follows next is purely speculation and it is based on my own observations and thoughts but based on what I've seen the old RBAC models, while being almost broken before, now it is fully broken, with the fact that now coding assistants and engineers are working on multiple unrelated projects simultaneously - especially working on wild experiments they had no time for previously. The risk of supply chain issue has increased dramatically in the enterprise.

Again, I am not saying it is related but I think it has an impact.

Now in many places it is encouraged by coders and managers to vibe stuff on their own devices. Soon or later it will become a problem, especially for those that have no idea what they are doing.

I am not saying it is related but I feel that it coincides perfectly.

I just cannot believe there is no underlaying thread going through all of these recent supply chain issues, and yes there are some hacking groups that specialise in this, sure, but it is because the bounty is plentiful.

by _pdp_

6/9/2026 at 11:41:12 AM

Just to clarify, and I know you weren't saying they are related, but this has absolutely nothing to do with AI or vibe coding or manager code.

It's a continuation of the Shai Halud worm and the lack of security around developer dependnecy installations, which has existed for a very long time.

Hackers have figured out that developers themselves are an ideal target due to how easy it is to trick them into installing something and how much private information they have on their machines (creds, cloud clis, mcps, etc.).

by watty

6/9/2026 at 2:19:10 PM

> due to how easy it is to trick them into installing something

You have tools from large corporations where the official installation procedure involves copy pasting a command from a random blog post, run it with sudo and watch it download and execute a script from a random filehost. This is somehow deemed acceptable by everyone involved.

Meanwhile I can't use teams in our meeting rooms, since any form of internet access was deemed a security risk in rooms where customer projects could be discussed. This is in a day and age where 90% of customer meetings are done over the internet.

Anyone trying to follow sane practices in this industry just asks to end up in a padded cell.

by josefx

6/9/2026 at 9:46:40 PM

> Meanwhile I can't use teams in our meeting rooms, since any form of internet access was deemed a security risk in rooms where customer projects could be discussed. This is in a day and age where 90% of customer meetings are done over the internet.

I hope this is in jest. Are you saying in order to discuss any customer project you have to book a meeting room? So no discussions of customer projects at the open plan desks or even in your boss' office for fear that something might overhear that conversation? Or is this only when the customer happens to be on-site to discuss their project? Does your organization assign U.S. Military style NICKA code names to everything?

by dessimus

6/9/2026 at 6:40:15 PM

> This is somehow deemed acceptable by everyone involved

By some, not all. It's been crazy from the start and it is still crazy to pipe a script to bash!

by dirkc

6/9/2026 at 7:26:48 PM

> Anyone trying to follow sane practices in this industry just asks to end up in a padded cell.

Same as it ever was.

by chickensong

6/9/2026 at 12:55:59 PM

As with many other things, AI exacerbates this problem. It’s so easy for many more of things things to happen unattended and in greater volume, and the AIs themselves can be tricked into doing these things, not helped by their patten of “prompt the user to approve 30 different inscrutable pythons and bash scripts”.

by madeofpalk

6/9/2026 at 12:39:20 PM

> Now in many places it is encouraged by coders and managers to vibe stuff on their own devices. Soon or later it will become a problem, especially for those that have no idea what they are doing.

Yes in our place too. "You better do as much as possible with AI or you will be left behind" dogmas etc.

It's the stupid IoT hype all over again. No concern for security, just trying to be the first in the pack.

by wolvoleo

6/9/2026 at 12:52:15 PM

"MongoDB is the hottest thing! No default creds, who cares about that! ONWARD TO PRODUCTION, SOLDIERS!"

by renegade-otter

6/9/2026 at 8:18:24 PM

MongoDB is web scale.

by thewebguyd

6/9/2026 at 2:00:08 PM

Instead of learning from past mistakes, it seems we need to keep making the same ones over and over.

by doubled112

6/9/2026 at 2:22:40 PM

It has all happened before and it will all happen again :)

by wolvoleo

6/9/2026 at 5:07:21 PM

I just finished watching that series, so I can pick up these references. Nothing like being 20 years late to the party

by dylan604

6/9/2026 at 9:02:27 PM

Has it been 20 years already? Wow. Yeah it was a good one (though a little too gritty for me sometimes)

by wolvoleo

6/9/2026 at 10:07:43 PM

Apparently I'm late to the party too! What is this from?

by abustamam

6/10/2026 at 12:38:55 AM

Battlestar Galactica remake

by wolvoleo

6/9/2026 at 4:23:15 PM

..and with faster and faster iterations :|

by bingo-bongo

6/9/2026 at 9:15:46 AM

I argued for years that we had too few workers for our total project count and management argued that most projects were idle and so it was fine to have so many per worker.

Welp.

by altairprime

6/9/2026 at 9:32:23 AM

I think web-based IDEs like GitHub Codespaces (but even VSCode with tunnels) is part of the solution because at the very least you can get an isolated dev environment per project. I've been advocating for this for as long as I remember.

Unfortunately, most developers don't like them so it is a though sell.

by _pdp_

6/9/2026 at 10:52:54 AM

Why do most developers not like it? Is it because the browser is a terrible platform for text editors since there is no proper key mapping, or access to proper debuggers, or there is too much latency, and no access to cli tools?

You make it sound like you are surprised, but everyone who has tried this knows it's crap and a band aid at best.

by 63stack

6/9/2026 at 12:33:59 PM

I really tried to give vscode an honest shot.

I couldn't find anything about it that was even half as good as a real text editor.

It made writing code feel like a chore. I usually love writing code.

by nosioptar

6/9/2026 at 6:50:31 PM

What is a real text editor, by your estimation? NVim? Emacs? Genuinely curious.

I use VSCode/Codium since I maintain a GUI stack for general usage. But I have all the terminal tools installed for my work there as well. I hate customizing things too, which I find is necessary if you want to get the most out of terminal text editors. VSCode is pretty good out of the box, with terminal access and everything built in.

Jeez, I hope this doesn't turn into a text editor flame war...

by GabeIsko

6/9/2026 at 11:24:43 AM

I hope folks know they can use Codespaces in their desktop editor. I never use the web editor.

by greggroth

6/9/2026 at 11:58:39 AM

Why would I ever want to use a browser based solution instead of local VMs? If you're worried about VM escapes then you have bigger problems (and hopefully a full time security team supporting you).

Edit: I realize in hindsight this comes across as overly negative. I think those are great solutions to have available for when you are working with a suboptimal local setup for whatever reason. I just don't think they're the default choice let alone any sort of ideal to strive for.

by fc417fc802

6/9/2026 at 10:21:01 AM

Web-based IDEs like VSCode on github just had a 1-click github token stealing vulnerability: https://blog.ammaraskar.com/github-token-stealing/

You could argue this is probably on GitHub for creating a token here that gives blanket access to all repos vs a scoped token for just the repo.

by domh

6/9/2026 at 9:47:16 AM

Is the theory here that the browser cannot be co-opted to infect web-based repositories? Also: thinking of how yt-dlp can integrate with browser cookies now and the malware paths that opens up. (This is part of why Chrome wants HSM cookies, I expect: DRM and opsec!)

by altairprime

6/9/2026 at 9:59:46 AM

In this scenario the malware will not be on the device but in an isolated dev environment on a remote machine. So it will have access to whatever was configured in that repo but hopefully the project is isolated enough to ensure containment and prevent cross-pollination.

by _pdp_

6/9/2026 at 11:06:17 AM

I don't think the cloud (someone else's computer) is the best solution. The sanitation problem can be mitigated by compartimentization but the cloud aspect also adds brittleness and new attack vectors.

Why not set up proper containers (or VMs) locally? And why not wait a little till local LLMs catch up?

Maybe just a personal itch, but having your dev environment elsewhere feels so gross to me..

by repelsteeltje

6/9/2026 at 1:49:54 PM

That is the problem. You outline perfectly how a developer sees the situation.

On the other hand ephemeral cloud environment with proper security controls makes a lot of sense if the goal is to isolate and control.

If everyone was following the protocol we wouldn't have had the problem to begin with.

by _pdp_

6/9/2026 at 10:57:23 AM

That’s a big, labor-expensive if.

by altairprime

6/9/2026 at 12:20:15 PM

This is the leg of the cycle when we go back to mainframes & centralized computing? With all the datacenter build out; why wouldn't you want your services adjacent to the LLM processing centers?

by jasonjayr

6/9/2026 at 1:43:52 PM

> I think web-based IDEs like GitHub Codespaces (but even VSCode with tunnels) is part of the solution

I am against proprietary SAAS online in browser dependencies.

by matkoniecz

6/9/2026 at 9:25:24 AM

Do you mean that role based access control (RBAC) should be replaced by something else? Or that just the specific RBAC models in use are broken?

I personally think the, perhaps confusingly named, capability based security models are the way of The Future.

by black_knight

6/9/2026 at 3:29:05 PM

ABAC/Capability and very granular policies for both actions and actions on behalf of others with the right sort of resource-based policies as well. And the apps need to be capability constrained and sandboxed.

Gonna be a hard nut to crack to implement this across the supply chain.

Transitive dependencies are a bitch.

by rswail

6/9/2026 at 11:12:34 AM

> Now in many places it is encouraged by coders and managers to vibe stuff on their own devices. Soon or later it will become a problem, especially for those that have no idea what they are doing.

Idiots must suffer.

by wartywhoa23

6/9/2026 at 9:21:38 AM

one could also vibe-code vanilla, no dependencies.

by sourcecodeplz

6/9/2026 at 9:28:36 AM

You can vibe code safely for sure.

I am not saying vibe coding is the issue. The issue is that a typical developer might be working on a lot more projects that run concurrently then they used to. And because of the various nature of the project the risk is significantly increased.

Scale this across the workforce and you not just doubled the problem.

by _pdp_

6/9/2026 at 10:39:10 AM

You can vibecode docs and tests also but I'm truly not seeing more of those.

In the end it can just be a culture thing. A dev who was going to write docs and tests before is going to have a LLM generate docs and tests today. Same with safe practices and defensive coding. The machine does whatever you want from it, for most that's "just get the job done I don't care". So that's the output.

by Grimburger

6/9/2026 at 1:23:23 PM

If I vibe code a project, that involves docs and tests as well. Obviously I do not, at any point, do anything blindly and there are some iterations for everything. I always double-check, and I do not use "agents", I do everything manually. I always check what the LLM is thinking, in real-time. I might be old school, but that allows me to write code that is not a pile of shit. :P I am still conscious about quality.

by johnisgood

6/9/2026 at 4:52:02 PM

Anecdotal.

13 million swe roles with .01% is 130,000 compromised devices.

Process problem

by whattheheckheck

6/9/2026 at 8:28:41 PM

I think that the numerical example you gave appears to be wrong unless you intended 1% rather than 0.01%.

In any case, fair enough. The concern is that organizations will build processes around AI where many people do not review outputs carefully. I do not disagree with this.

I also agree that my particular workflow is anecdotal and does not work at scale.

by johnisgood

6/10/2026 at 3:08:11 AM

Yes my bad I even checked it in the calculator but then typed in .01 again but added % again. I meant to do it to serve as an example of how bad humans are at thing.... right...

Yes 1%

by whattheheckheck

6/10/2026 at 7:26:13 AM

I do agree.

by johnisgood

6/9/2026 at 7:30:07 PM

"Practice safe vibecoding, stop the cycle of infections!"

by xeonmc

6/9/2026 at 12:52:02 PM

You can also fork everything and maintain local versions that you much more easily resolve conflicts with upstream with AI and get the best of both worlds while you work through the backlog of internally reimplementing all dependencies, which even with AI will take a long time.

by vasco

6/9/2026 at 8:44:47 AM

The phrasing of the title is loaded and the content phrases it as some kind of fault of open source.

Then, which I find the most amusing, proceeds to blame MicroSlop for the attempted suuply chain attack,

> Microsoft did not immediately provide the specific number of customers affected, when asked by TechCrunch.

Yeah, because that's how open source works. Tech crunch doing hard work no not explain that.

> This is Microsoft’s second known breach over the past few weeks that has allowed hackers to compromise its open source projects, per Ars Technica.

I, like many others love to knock on Microslop when I can, but in this case they did the right thing. The article phrases it like they did everything wrong, they're all at fault and shame on them for limiting the breach.

This is not the first time I've seen an article from Zack Whittaker that just rubbed me the wrong way.

> steal passwords of AI developers

This phrasing has it's own connotations. AI developers versus developers who use AI?

> This is the latest example in recent months of hackers breaching widely popular open source projects with the aim of planting malware on a large number of users who have the code installed on their computers. These hacks are known as “supply chain” attacks as they target code that is often used in a large number of software products, or by a specific kind of user, which may be advantageous to hack as they sometimes have access to cloud systems and large amounts of customers’ data.

Describes literally nothing of what a supply chain attack is, just the result of one and the reasons for their attack surface.

Very very bad reporting in my opinion. Bad breach, and I hate to admit M$ did the safe and right thing, but this 'reporting' leaves a lot to be desired.

by bilekas

6/10/2026 at 1:43:01 AM

That's the thing: they do bear responsibility in allowing the situation to get to this point and are very pointedly not connecting the dots with their response.

Microsoft which owns GitHub, has been washing their hands if any responsibility in helping to resolve the ongoing supply chain catastrophe which is hosted and spread nearly entirely via Github repositories: not responding to security researchers flagging malware hosted on GitHub; doing nothing to address the proliferation of open source malware across their platform, giving no recourse for action, not applying their tremendous resources to the problem, fiddling as the open source community burns and leaving the devs to fend for themselves. Let's not mention the recent very hostile and trust-erodibg behavior towards bug bounty security researchers.

The *&$@ finally spread all the way up to the top of the hill in a compromise of Microsoft's own repos, which I think highlights the scale of the problem.

And in response, they offer a watery corporate platitude, "a few customers were affected in a recent incident, and we're looking into it."

by mattfields

6/10/2026 at 5:48:44 AM

Microsoft's introduction of 2 hour latencies for vscode extension installations to mitigate the ongoing worm spread is absolutely bonkers.

They did not read the source code of the worm implant and have absolutely no clue how the worm works, if that is their response.

The only way to meaningfully stop the worm is by requiring manual confirmations for git commit/push actions and for the auto-executed hooks in all IDEs. Also, these scripts should be sandboxed to only be allowed to run and interact with files inside the same opened project folder.

Well, that, or setting the host system language to Russian. Which I am kind of expecting Microsoft to do next...

by cookiengineer

6/9/2026 at 8:59:57 AM

TechCrunch is very sloppy and unreliable. I’ve seen them reporting on things I worked on where they just invented facts for SEO purpose and there is no way to get them to correct

by dgellow

6/9/2026 at 11:16:50 AM

Which is worse tc or verge? Verge does similar making up of facts.

by sourcegrift

6/9/2026 at 12:08:38 PM

Similar. They both don't belong here.

by subscribed

6/9/2026 at 9:23:06 AM

> > This is Microsoft’s second known breach over the past few weeks that has allowed hackers to compromise its open source projects, per Ars Technica.

> I, like many others love to knock on Microslop when I can, but in this case they did the right thing.

I've no idea what your problem with this sentence is. They have an organisational security problem, aided/demonstrated by lack of effort to effectively lockdown GitHub Actions and allowing MRs to circumvent CI/CD.

That this is a Microsoft problem that was present pre-AI is not up for debate. See https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewO...

In the age of AI, it's now endemic and being weaponised.

by philipwhiuk

6/9/2026 at 10:08:03 AM

> That this is a Microsoft problem that was present pre-AI is not up for debate. See https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewO...

No argument from me, but what would you have them do in the immediate timeframe ?

by bilekas

6/9/2026 at 1:01:31 PM

Some form of public communication from Microsoft Security indicating an actual threat to their ecosystem and published pipeline of work to reduce the ability of attacks to spread via GitHub actions.

They can publish self-congratulatory stuff like this: https://www.microsoft.com/en-us/security/blog/2026/06/05/sec... but they can't publish a post-mortem on their own platform?

I'm told that when Affirmed got compromised Microsoft Security descended on the org and rewrote their entire backlog. Where is the plan from GitHub that they are now taking security seriously given GitHub Actions is now a primary threat vector even for projects written by their own company.

by philipwhiuk

6/9/2026 at 8:53:59 AM

What's your post mortem, then? As in - what happened and how should it be read?

by raffael_de

6/9/2026 at 9:03:49 AM

Microsoft's open source projects the target of a supply chain attack and they decided to restrict access to understand and limit exposure ? Something a little more 'true' and less targetted?

by bilekas

6/9/2026 at 9:24:45 AM

Azure are able to be targets of supply chain attack because of the supply chain ecosystem that they still own. It's not really a supply chain when it's still yours.

by philipwhiuk

6/9/2026 at 10:05:11 AM

> It's not really a supply chain when it's still yours.

I don't personally buy that, they offer a package manager in the form of nuget for example, if their products there are compromised, they're well withing normal reach to block THEIR packages, but why would they need to block the rest ?

Maybe I'm missing something dumb

by bilekas

6/9/2026 at 12:58:32 PM

* GitHub [which they own] failed to detect the account was compromised

* GitHub [which they own] allowed the contribution to ignore CI

* GitHub [which they own] failed to detect suspicious content on check-in

* GitHub [which they own] isn't sufficiently integrated into Microsoft security that the compromised token wasn't rolled.

by philipwhiuk

6/9/2026 at 10:39:53 AM

[dead]

by raffael_de

6/9/2026 at 8:25:10 AM

These seem related:

* https://news.ycombinator.com/item?id=48418318 (The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds)

* https://news.ycombinator.com/item?id=48450543 (Miasma Worm Hits Microsoft Again: Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack Targeting AI Coding Agents)

* https://news.ycombinator.com/item?id=48416155

* https://news.ycombinator.com/item?id=48416269 (Miasma Worm Targets AI Coding Agents via GitHub Repos)

by JdeBP

6/10/2026 at 1:44:07 AM

Yep. This is the thing that Microsoft is not mentioning in their watery response there.

by mattfields

6/9/2026 at 12:55:48 PM

I created a mitigation tool that can be used to fix/remove the worm from all infected repositories, and did a writeup about this.

On Monday, the Hades campaign introduced Composer, Go and Pip support. Before that it had only support for NPM and AI assistant editors. (Well, and Ruby btw but nobody uses Rubygems anymore it seems).

What even Microsoft gets wrong: This is the first worm that runs on all platforms in the code ecosystem. Developer host machines, servers, ci/cd runners. And all of them spread the worm to all repositories that are accessible on those machines.

You would have to completely shutdown 100% of all computers AND aws ec2 AND google cloud platform AND azure AND kubernetes clusters AT THE SAME TIME to beat this worm. It literally spreads across all infrastructure.

Kill switch, as always with APT28 malware, is setting the host language to ru_RU.KOI8-R (LANG environment variable). That disables the spread mechanism.

My Mitigation Tool (I'm updating it as new package systems are targeted ...):

https://github.com/cookiengineer/antimiasma

Blog post:

https://cookie.engineer/weblog/articles/malware-insights-mia...

by cookiengineer

6/9/2026 at 1:05:03 PM

It only spreads if you run the code...

by philipwhiuk

6/9/2026 at 6:38:50 PM

No, it spreads if you open a folder. That's the point why developers all underestimate the worm's capabilities.

by cookiengineer

6/10/2026 at 1:30:03 AM

This ^

by mattfields

6/9/2026 at 8:52:35 AM

I strongly suspect this is a case of classic personal access tokens being used in an unclean way.

If you are going to be handing tokens to AI agents on weird openclaw contraptions, you should try to use the fine grained variants. My GitHub account spans 3 organizations with wildly differing policies. The fact that classic tokens are even still allowed blows my mind a bit. You should be required to manually opt in each organization at a minimum.

by bob1029

6/9/2026 at 10:39:46 AM

It feels to me like AI agents should be their own security principals and use access tokens generated speficically for them on the repos or orgs that they need access to. Handing an AI agent an access token "minted" for a human's account feels to me like the new "write the password on a post-it".

by red_admiral

6/9/2026 at 11:33:11 AM

Not just AI agents... basically, if you cd Projects/foo, that should be it's own user (for running npm, etc) that should not have access to parent user data (probably including github tokens, etc).

by silon42

6/9/2026 at 7:08:09 PM

> basically, if you cd Projects/foo, that should be it's own user

Agreed. I went further and turned that into its own isolated virtual machine. The credentials problem is really annoying though. AI agents need the access in order to be useful.

by matheusmoreira

6/9/2026 at 12:01:35 PM

Why not both?

by IX-103

6/9/2026 at 11:39:49 AM

This is what I'm advocating for.

Give each dev's AI agent its own identity with its own access controls and tokens and everything.

It helps solve both the access control and attribution issues

by Klathmon

6/9/2026 at 10:48:54 AM

As long as there’s a way to deterministically tie a model call to a human user. I think a loss of culpability is something some companies are afraid of to some extent.

by notnaut

6/9/2026 at 11:15:13 AM

Loss of liability is what company are built for, see the meaning of LLC as an exemple.

Of course, it is only their employees that are impacted instead of their bottom line, they might be more tolerant?

by etiennebausson

6/9/2026 at 9:31:05 AM

You are correct but the issue is permission management with finegrained tokens is nighmare. It is not easy to decide what is correct and what is needed for some operation. Furthermore, often software devs think it is important to focus on code rather than permissions - as it is for someone else's responsibility....

by test20201

6/9/2026 at 1:34:00 PM

Sometimes the basic things missing in the programming world just shock me. How is anyone supposed to know what permissions to give in these systems that have literally hundreds of fine-grained permissions, many of which can also have scope? Even if they're "documented" we all know from experience that some textual descriptions of a permissions won't capture when it is actually used in the code.

Why isn't it standard to have a security log that shows what permissions were requested, with what scope, so we can at least create a minimal set of permissions by trying an operation, seeing what permissions are necessary, and then setting just the needed permissions? If you're worried about that log itself becoming a compromise, make it something that is off by default, and maybe automatically turns off after some period of time, or make me use a burner token for this operation, or something, but the alternative is the world of excessively-broad permissions that we live in now. Why isn't there a helper mode that a dev can use to point at an interaction and say "now give me minimal permissions for those interactions", not only to configure a given key but so we can learn what permissions actually mean in practice?

We're given these super complicated knobs, but all we get for using them is a few textual blurbs about the settings and the blame if we don't configure them exactly correctly, and also the blame if something breaks because we were too tight with the permissions.

This seems such a basic tool to use these super complicated systems yet I've never seen them anywhere on the web.

Perhaps ironically, perhaps just because it was already complicated enough and needed a way to approach usable, the notoriously difficult to use SELinux uses this as the more-or-less standard way of setting permissions. I can't believe I'm missing SELinux.

by jerf

6/9/2026 at 5:25:53 PM

If classic PATs were to blame, doesn't this mean further private repos could be at risk as well? (apart from the GitHub ones the other day).

by lmc

6/9/2026 at 10:34:29 AM

I use classic tokens on low-privileged accounts for scraping public repos. I suppose organization level permissions would work fine for me.

by trumpdong

6/9/2026 at 8:31:24 AM

And we trust these people with the root CA cert in our Secure Boot?

by protoman3000

6/9/2026 at 9:22:58 AM

You mean the company that failed their 2023 security review? [0]

> Individually, any one of the failings described above might be understandable. Taken together, they point to a failure of Microsoft’s organizational controls and governance, and of its corporate culture around security.

Microsoft’s products and services are ubiquitous. It is one of the most important technology companies in the world, if not the most important. This position brings with it utmost and global responsibilities. It requires a security-focused corporate culture of accountability, which starts with the CEO, to ensure that financial or other go-to-market factors do not undermine cybersecurity and the protection of Microsoft’s customers.

> Unfortunately, throughout this review, the Board identified a series of operational and strategic decisions that collectively point to a corporate culture in Microsoft that deprioritized both enterprise security investments and rigorous risk management. These decisions resulted in significant costs and harm for Microsoft customers around the world.

> The Board is convinced that Microsoft should address its security culture.

[0] https://www.cisa.gov/resources-tools/resources/CSRB-Review-S...

by shakna

6/9/2026 at 12:49:56 PM

Bonkers that this wasn’t bigger news

by stogot

6/9/2026 at 9:05:02 AM

More like "forced to accept" rather than "trust".

This latest event just continues Microsoft's track record of being a security problem rather than having their shit together. :(

by justinclift

6/9/2026 at 9:43:37 AM

No one should be foolish enough to trust Microsoft with anything regarding security. They showed time and time again over the past 40 years that they don't care.

by sunaookami

6/9/2026 at 10:25:28 AM

Have you bought a PC in the last 10 years? Then it came with Microsoft's secure boot keys on it. Sometimes it's not even possible to remove or disable them. Sometimes you actually need a Microsoft-signed bootloader shim to boot anything that isn't Microsoft.

by trumpdong

6/9/2026 at 12:21:36 PM

I haven't bought a Windows PC in the last 10 years, yes. I think the last Windows PC I bought was a used ThinkPad from 2011 that I upgraded and used until 2022.

by sunaookami

6/9/2026 at 10:21:04 AM

What do you mean 'we'? :-)

by AdamN

6/9/2026 at 9:53:48 AM

Please, someone explain how it's possible to add obfuscated file to so many repositories? Do they don't have any code reviews?

Also, the title is misleading, setup adds config to be auto executed by people who work on the repo. They would have to use vscode/cursor/claude/gemini. People who use codex / opencode / other harnesses are safe I guess.

Details: https://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-...

by haute_cuisine

6/9/2026 at 10:14:05 AM

> Do they don't have any code reviews?

I have a good friend that works for one of the giants(I can't say which one for obvious reasons but S&P 500). He's been working there for quite a while now, so far he hasn't seen what the project he works on looks like, has the repo cloned and knows what language is used but nothing beyond that. Everything is slopped together. His project is the authentication and authorization system for all the company products. In his own words "I hit Tab all day long and write 'this is intended' in the reviews, which are all ai, there is no human in the loop. This is what we are told to do by the CEO and CTO unironically. If something breaks, no one knows how any of this works since no one has seen the actual code. Our performance reviews are based on how many tokens we've used, not what we have done". I suspect this is the case in many companies now so it's not unreasonable to think that there are no actual code reviews.

by axegon_

6/9/2026 at 1:02:14 PM

Maybe the company or the CEO are invested in AI companies. Half of this tokenmaxxing is ordered by legitimately insane people, the other half has vested interests.

When that boost disappears after the IPOs, everything will crash.

by 349187

6/9/2026 at 1:37:52 PM

> When that boost disappears after the IPOs, everything will crash.

Don't threaten me with a good time(also unironically).

by axegon_

6/9/2026 at 11:34:21 AM

> have a good friend that works for one of the giants(I can't say which one for obvious reasons but S&P 500).

I can’t think of any obvious reason other than this being embellished / made up? Those companies have tens of thousands of employees you aren’t going to “out” anyone by naming the company.

by LastTrain

6/9/2026 at 11:47:54 AM

I have a fair share of OSINT experience, be it as a hobby. The fact that I said S&P 500 and what his department does, that he is hired as a developer, I've already narrowed it down to several thousand people. Add the company name and you can narrow it down to a few dozens at most. And you can keep deducing further till you narrow it down to one or two.

by axegon_

6/9/2026 at 11:19:40 PM

First, it's not made up. I've heard numerous stories of this sort (maybe a bit less extreme) from people I have known for many years working for large and mid-sized companies. Second, large companies have entire teams for monitoring social media and they absolutely will try to zero in on you and fire you if you speak too much about their crappy internal processes. This goes double for anything in S&P 500.

by romaniv

6/9/2026 at 10:27:00 AM

the reasons are not obvious. I want to avoid their products.Does anyone else *cough* who has a throwaway account know the place?

by trumpdong

6/9/2026 at 10:31:22 AM

At this point, I suspect that is just about every tech company. Your best bet is to self-host everything, no agents, no cloud services, completely locked up home network and a loaded shotgun if anything starts making unexpected noises.

by axegon_

6/9/2026 at 1:11:22 PM

Many of the malicious commits show as an author `github-actions <github-actions@github.com>`. Which means that they are authenticating as internal github CI/CD stuff and that there are so many of those that no possible automated tool can find the poison in the mountain of chaff.

So this is related to the Sept 2025 security breach of Github.

> The five repos carry 1,459 GitHub stars between them, mantine-datatable alone accounting for 1,225. Stars are a rough proxy for how many developers have the source checked out locally, which is the population this attack targets.

> Every commit: unsigned, github-actions identity, chore: update dependencies [skip ci], the same six-file footprint. A 49-second sweep across five repos is automation, not a human committing. This matches Shai-Hulud self-propagation: harvest a GitHub token with write access from a prior infection, then push the persistence payload into every repo the token can reach.

https://safedep.io/miasma-worm-ai-coding-agent-config-inject...

What it is doing: https://safedep.io/config-files-that-run-code/

I'm not related to those guys. That's the simplest detailed explanation of what is happening that I've found.

by Tangurena2

6/9/2026 at 12:25:58 PM

Coworker seriously asked "since we're generating most of our code now, who is actually reading all of the code?" We're at a small company, but the urge to trust The Oracle is almost spiritual with some people IMHO.

I read 90%+ of the code I generate by reviewing it like I would a junior developer. I'm heavily vibe-coding a new feature right now and it's going to get a thorough reading as soon as GitHub's PRs start working again

by ianmarcinkowski

6/9/2026 at 10:01:06 AM

if an account with the ability to push to the repo was taken over, there wouldn't be any PR review.

by vorticalbox

6/9/2026 at 2:31:50 PM

I had to reset my personal Microsoft account password yesterday because I got a two factor alert about a log in attempt from Romania. I can’t figure out how they got my password though because the only Microsoft product I own is an Xbox. Even before ai though Microsoft leaks like a sieve. I wish my company would move off them, but we are locked in.

by yoyohello13

6/9/2026 at 2:55:02 PM

It is almost impossible to set up personal Microsoft accounts that does not allow passwordless login. So what is more likely to have happened is that your account is set up like this and you are just getting MFA requests that are not a second factor, but simply an attempt to get access to your account.

I was getting multiple of these a day and found that if you set up the Microsoft Authenticator app from a phone, it will force it to passwordless if you have any type of lock on your phone (facial, fingerprint, pin). The only way around it is to disable all of those while setting up the account in the authenticator app. I don't use my Microsoft account much, so just use a separate e-mail now for verification instead of the authenticator app.

The fact that this is how it works is of course insane, but I'm guessing someone inside of Microsoft is hitting their KPIs for passwordless logins or something...

by rspijker

6/9/2026 at 3:29:28 PM

Thank you! I have a very strong password so I was worried about how this could happen, but your scenario makes sense. Especially since it only seems to be my Microsoft account having this problem.

by yoyohello13

6/9/2026 at 3:54:18 PM

In some organizations I've worked at, the multi-factor prompt would occur regardless of the password validity (wastes more of the attacker's time). Is that the case with Microsoft? I'm not sure.

by skinfaxi

6/9/2026 at 9:47:03 AM

Nobody should do 'npm install' or 'pip install' on their machine.

Using a proper sandboxing(https://github.com/ashishb/amazing-sandbox) regularly will drastically limit the blast radius of these attacks.

by ashishb

6/9/2026 at 9:54:19 AM

> https://github.com/ashishb/amazing-sandbox

Does your Docker backend run commands in rootless containers? I skimmed the code but didn't see anything to confirm this.

by pritambaral

6/9/2026 at 3:28:35 PM

Right now, not. Eventually, they will.

You can pass your favorite rootless Docker image using `--custom-docker-image` CLI parameter.

by ashishb

6/9/2026 at 12:28:46 PM

Docker isn’t a serious sandboxing strategy

by Bnjoroge

6/9/2026 at 2:42:24 PM

This has been responded to in the past by another HN poster: https://news.ycombinator.com/item?id=47612726

Furthermore, you can use native sandboxing on macOS if you prefer.

If neither looks serious to you, then please educate me on a better sandboxing approach.

by ashishb

6/9/2026 at 9:50:20 AM

> Nobody should do 'npm install' or 'pip install' on their machine.

What alternative do you suggest?

Do you mean not install outside a sandbox?

by graemep

6/9/2026 at 1:43:14 PM

I've been playing around with declarative container configurations: https://github.com/AdrianVollmer/ContainerConductor (It's not ready, don't use it!)

It will always introduce friction, though.

Modern software development is simply too fast to be reviewed properly.

by mr_mitm

6/9/2026 at 10:47:35 AM

alias npm / bun / ... to run in a docker container, so npm install run automatically in the container.

by progx

6/9/2026 at 2:46:46 PM

That's exactly what I started with. It gets unwieldy quickly enough as you need to mount a lot of directories that these you uses as cache.

So, amazing-sandbox at its core is nothing but a glorified docker command generator (in default mode).

by ashishb

6/9/2026 at 10:07:53 AM

Download source. Extract. Move files to correct node_modules folder.

If your distribution requires more than this, then it's not really a module, or combines too many non-modular components, and should be distributed differently.

The ability for npm to run scripts on any level should be removed.

Then we can go back to worrying about namespacing issues.

by themafia

6/9/2026 at 2:49:34 PM

> The ability for npm to run scripts on any level should be removed.

Even Python has that ability now. Also, `npm run dev` is running the script with full disk access.

Heck, Vscode/Cursor will auto-execute code if you open a project. And this has been actively used in the wild https://ashishb.net/security/contagious-interview/

by ashishb

6/9/2026 at 11:00:43 AM

You discovered what web development was like in early 2000.

by 63stack

6/9/2026 at 10:24:57 AM

If an attacker can infect the post-install script of an npm package, they can also infect the package source code itself. So if you ever run the project outside the sandbox, you will still get compromised.

It's like saying "I don't trust a software app with an installer, I just want a .zip with the binaries from the same source that I will run myself"

by dist-epoch

6/9/2026 at 10:33:48 AM

> they can also infect the package source code itself

Which is where the concept of "safe levels" come in. I should be able to install this module in such a way where file operations and process operations are not available to it. That being said, presumably, this types of infiltration would seem to be _much_ easier to spot. "Why is this web framework calling 'spawn'?"

> I just want a .zip with the binaries

I want a .zip with the _code_. Just the code. None of the packaging nonsense. My distribution can handle that.

by themafia

6/9/2026 at 2:50:55 PM

> I should be able to install this module in such a way where file operations and process operations are not available to it.

That's the definition of a sandbox, isn't it?

by ashishb

6/9/2026 at 10:52:00 AM

do you really think you will see a clear "spawn" call? there is a long history of obfuscating what the code does to hide backdoors, in quite ingenious ways

> I should be able to install this module in such a way where file operations and process operations are not available to i

technically browser sandboxes, WASM, do this. but then you are very limited since you can only sandbox the whole app, and not one module, so if you need local file access, you need to open it up to the whole app and all it's modules

by dist-epoch

6/9/2026 at 11:46:07 AM

Is there a detection component here too? Sandboxing development is great, but the next step is to deploy to production. How do you know if something malicious happened in the sandbox, such that you don't deploy the malware further?

by 8organicbits

6/9/2026 at 2:44:31 PM

I have some ideas around it. And indeed that's one likely direction of this project in the future.

by ashishb

6/9/2026 at 3:07:06 PM

I was probably late to the party in realizing and saying it, but I've been saying for a little while, even if you don't want to use AI because "the code is bad" or whatever, I highly suggest you consider having AI auditing code and services for security, or literally anything that scans code for vulnerabilities.

The attack vector isn't just plugins that steal your data, but also 0-day exploits in just about any software you use, and even your own web services being exploited by a script kiddy with an LLM. There will be an increase in hacks and it's only going to get worse, so anyone not investing in cyber security audits and auditing tools should really reconsider.

by giancarlostoro

6/9/2026 at 3:11:23 PM

AI harnesses were exploited, here's why it's actually good for AI.

by yifanl

6/9/2026 at 3:16:17 PM

Not what I'm saying at all, but okay. More like "don't sleep on cyber security" more than anything. I don't care if you use AI, though it can definitely be useful for security auditing. Red teams are going to become more invaluable these days.

by giancarlostoro

6/9/2026 at 3:23:34 PM

You're talking about living in a world where we have to take entirely preventative steps, not reactive because hacking is going to be that much more prevalent.

AI can tell you you're being zero-day'd, but that isn't much comfort - you're already expecting everyone to always be zero-day'd at all times!

by yifanl

6/9/2026 at 3:47:57 PM

What I'm suggesting is that AI and security tooling can help you minimize attack vectors.

by giancarlostoro

6/9/2026 at 3:36:30 PM

You can post any number of snarky booster comments, but at the end of the day they are the opposite of insightful. They are an obfuscation.

What I'm seeing is that the whole security model built around endless code re-evaluation and continuous (usually online) updates is collapsing in a spectacular fashion. This is not "good for red teams" or "good for security AI". This is not good for anyone except malicious actors.

I rarely do these, but here is my prediction: doing more of the same but faster is not going to work. No matter how much AI compute people will throw at security scans and patching, the number of security incidents and the overall instability will keep going up until the underlying security model is fundamentally changed.

by romaniv

6/9/2026 at 3:49:11 PM

Booster comments? What? Since when is routine security auditing bad? A lot of people sleep on it, and have insanely obvious (in hindsight) security issues that could have been avoided by a simple audit.

by giancarlostoro

6/9/2026 at 8:42:34 AM

And the best recommendation security teams can give - keep your SBOM strict, use min release age policy (sounds more like band-aid). That's a scary world to live in.

by zihotki

6/9/2026 at 8:55:48 AM

a friend of mine has a very different solution: he codes everything by hand. he says that the time you need to research to include a new package you can actually use to code the piece you need. and he for sure doesn't have the problems of transitive dependencies

by wolfi1

6/9/2026 at 10:38:04 AM

That's been happening to me more often too recently. I find that, for a growing number of simple problems, reinventing the wheel is faster and more efficient than importing a mature, fully-featured dependency.

by supernes

6/9/2026 at 9:25:05 AM

Depending of the scenario, it can be very fine. E.g. if you just need one or two function call from the dependency. However, for some complex binary protocols it might be better to stick with libraries.

by nicce

6/9/2026 at 9:04:34 AM

I assume that means he genAIs all his deps? Rather than writing by hand

by dgellow

6/9/2026 at 2:17:58 PM

he does not use them

by wolfi1

6/9/2026 at 9:43:08 AM

But now he needs to develop, test and maintain that code. Left pad is easily hand coded, react framework not so much.

by hsbauauvhabzb

6/9/2026 at 9:58:45 AM

his projects were GUIs for machines (HMI)

by wolfi1

6/9/2026 at 4:46:05 PM

Embedded software already has a pretty strong culture of rarely using libraries and vendoring them if they do (for better and for worse). This kind of worm just doesn't really make sense in that kind of environment anyway.

by rcxdude

6/9/2026 at 1:54:40 PM

That’s not really my point. My point is some libraries are easily replaced and others are massive, complex and need ongoing support.

By the same logic, he could avoid system dependencies by writing his own OS. But it obviously doesn’t scale.

I’m all for an anti-library ethos, as long as the pros and cons are carefully considered and wheels are only reinvented when the cost/risk ratio is right.

by hsbauauvhabzb

6/9/2026 at 9:23:36 AM

> keep your SBOM strict

Based on the news, seems like it is better to not include Microsoft at all in there.

by nicce

6/9/2026 at 8:33:26 AM

Remember folks Microsoft has Mythos access

by minraws

6/9/2026 at 6:23:39 PM

No, it's Mythos that has access to Microsoft now :-)

by xeyownt

6/9/2026 at 8:14:41 AM

Their source has the list of the 73 disabled repositories: https://opensourcemalware.com/blog/miasma-reaches-azure

by axus

6/9/2026 at 8:16:31 AM

AI;DR:

Azure (49)

azure-functions-agents-runtime azure-functions-connector-extension azure-functions-core-tools azure-functions-docker azure-functions-dotnet-extensions azure-functions-dotnet-worker azure-functions-durable-extension azure-functions-durable-js azure-functions-durable-powershell azure-functions-durable-python azure-functions-extension-bundles azure-functions-golang-worker azure-functions-host azure-functions-java-library azure-functions-java-worker azure-functions-kafka-extension azure-functions-language-worker-protobuf azure-functions-mcp-extension azure-functions-nodejs-e2e-tests azure-functions-nodejs-library azure-functions-nodejs-opentelemetry azure-functions-nodejs-worker azure-functions-openai-extension azure-functions-powershell-library azure-functions-powershell-opentelemetry azure-functions-powershell-worker azure-functions-python-extensions azure-functions-python-library azure-functions-python-worker azure-functions-rabbitmq-extension azure-functions-skills azure-functions-sql-extension azure-functions-templates azure-functions-tooling-feed azure-functions-vs-build-sdk azure-webjobs-sdk azure-webjobs-sdk-extensions azure-websites-security checkaccess-v2-go-sdk Connectors-NET-LSP Connectors-NET-Samples Connectors-NET-SDK Connectors-NodeJS-SDK connectors-python-sdk durabletask functions-action functions-container-action homebrew-functions sonic-gnmi.msft

microsoft (10)

DurableFunctionsMonitor durabletask-dotnet durabletask-go durabletask-java durabletask-js durabletask-mssql durabletask-netherite durabletask-protobuf Microsoft-Performance-Tools-Apple secure-azureai-agent

Azure-Samples (13)

azure-ai-content-understanding-python azure-container-apps-multi-agent-workflow azure-container-apps-sandboxes azure-functions-java-flex-consumption-azd azure-functions-nodejs-opentelemetry-samples azure-search-openai-demo-purviewdatasecurity functions-connectors-python functions-connectors-typescript llm-fine-tuning openai-chat-app-entra-auth-builtin openai-chat-app-entra-auth-local rag-postgres-openai-python tutor

MicrosoftDocs (1)

windows-driver-docs

by antiloper

6/9/2026 at 9:53:40 AM

There is such a thing as too much software.

by sph

6/9/2026 at 10:29:13 AM

Indeed. Every line of code is like a liability, but managers suddenly decided to stack rank developers based on number of lines of code written, again, which is like ranking aircraft designs by how heavy they are.

by trumpdong

6/9/2026 at 2:30:18 PM

Microservices have got all the attention, but at around the same time there existed the microlibraries fashion too.

And just like the other one, the people proposing those microlibraries knew what they were doing and had actually reasonable ideas. But masses of FAANG developers took it and run wild.

by marcosdumay

6/9/2026 at 10:23:12 PM

I am inordinately amused by the fact that Microsoft's Github has suspended access by Microsoft's Azure (and anyone else) to their Microsoft code-base because of a TOS violation.

Really drives home this org chart: https://www.businessinsider.com/big-tech-org-charts-2011-6

by Rantenki

6/9/2026 at 9:30:30 AM

"No way to prevent this" say users of only package manager where this... Oh no sorry I thought this was Javascript Haters weekly meetup

by abc3354

6/9/2026 at 8:26:21 AM

Note that also the homebrew-tap was affected: homebrew-functions

by jbverschoor

6/9/2026 at 5:21:05 PM

Wasn't there some directive within Microsoft to fix their security issues?

How many other OSS repos of similarly sized companies get compromised like this?

No one ever got fired for choosing IBM or AWS - but apparently Microsoft has a decades long free pass everywhere.

Insane.

by jasonvorhe

6/9/2026 at 9:02:06 AM

> steal passwords of AI developers

What does this even mean?

The malware specifically steals passwords from developers who use AI? From those who develop AI tool? Or it steals API tokens, which serve a similar function as passwords do for humans?

Is this what journalism looks like today? Just slap the two holy letters on the title and you get views?

(Yes, I read the article. No, I still don't think the title makes sense. You can skip this techchurch slop and read the real information here: https://opensourcemalware.com/blog/miasma-reaches-azure)

by raincole

6/9/2026 at 9:22:50 AM

https://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-... mentions that it plants `.claude/settings.json`, `.gemini/settings.json`, `.cursor/rules/setup.mdc`, and `.vscode/tasks.json` to execute its payload as a setup task.

VSCode will be used by plenty of non-AI-using developers, and the credential harvester is not specific to AI API tokens, but that 3/4 of the targets are AI coding tools is I assume where the claim comes from.

by Ukv

6/9/2026 at 10:30:48 AM

> you can skip the slop and read the real information here: (link that is obviously written by AI)

by trumpdong

6/9/2026 at 12:29:49 PM

And?

If the techchurch post is written by a human then I'll take this as an example that humans outslop AI.

by raincole

6/9/2026 at 9:26:17 AM

Do I remember correctly when techcrunch was charging $10k per month for a square banner on its website, 2005? And that was considered the top, for a tech blog. Even then they posted slop.

by sourcecodeplz

6/9/2026 at 8:29:51 AM

The Age of Agentic Development.

by dude250711

6/9/2026 at 9:56:57 AM

I haven’t worked on any web app in months, I don’t use LLMs, I update my Linux system once a month, and I increasingly feel I should just not do anything, not install or update any software and for the love of God, do not touch anything that’s shipped with npm.

Most of my userspace apps are in Flatpak sandboxes (yeah they are not great), but otherwise it feels like isolation and airgapping is the most sensible solution for now, and it’ll get increasingly worse unless the vibe coders somehow learn how to write robust software.

It’s like during the black plague: the (software) world has become dangerous, we have no way to contain it, it is unfeasible to remove yourself completely from the world, so you better pray really hard you don’t catch the bug and infect your peers. How’s that for a field we used to call software engineering or computer science?

by sph

6/9/2026 at 12:56:09 PM

Can't say I expect better. This is part of why I've been jumping away from things acquired/owned by them for the past 13+ years.

by skeledrew

6/9/2026 at 9:08:19 AM

It actually feels like nothing is safe now every day you hear about hacking is it from the ai making development weak or ai is getting strong in hacking

by yossufyahia

6/9/2026 at 9:09:57 AM

It was never safe to begin with, that is why the security community has been screaming for resources since the 80s.

by Zolomon

6/9/2026 at 10:35:46 AM

If the security community had unlimited resources you wouldn't be able to do very much with computers. Security and usability are opposite ends of a spectrum. Either you can do a lot (usability) or you can do little (security).

by trumpdong

6/9/2026 at 12:37:00 PM

Disagree, availability is part of security. That's why denial of service attacks are a security issue. Bad enough usability is indistinguishable from a DoS attack.

by SAI_Peregrinus

6/9/2026 at 8:43:53 AM

I hate to be the "I told you" guy but... I told you and have been for years. And every time I do, a flock of sloppers come to say "but have you tried the claude sloppus, it's so good man, I haven't written any code in X months". Well.. Enjoy.

by axegon_

6/9/2026 at 9:03:25 AM

[dead]

by glemmaPaul

6/9/2026 at 12:34:25 PM

And the criminals found that Microsoft has yet to produce and AI worth stealing. A deeply ironic twist.

by opsnooperfax

6/9/2026 at 12:47:52 PM

That makes for a funny tongue in cheek comment, but it's not MS's AI they're after, it's end user secrets, and the exploits target multiple LLMs. (by adding commands to relevant MD files)

by bdcravens

6/9/2026 at 10:10:57 AM

GitHub keeps on having problems a LOT in the last months.

Skynet is winning now.

by shevy-java

6/9/2026 at 11:10:19 AM

Waze can be a psi to vibe code vanilla at the end of the day or bubblesort (RBAC) Knit365,the clippy knitting assistant support hotline can hotnet to mortal Kombat as k2tog Cymux,we lost the Sigint.

by devilfileprong

6/9/2026 at 8:29:54 AM

guys. what the fuck. are we even doing.

by ares623

6/9/2026 at 8:48:35 AM

We are ever-faster approaching the Anti Singularity, the moment when everything "tech" implodes and progress screeches to a halt.

by nDRDY

6/9/2026 at 8:53:44 AM

What if this is "The Great Filter?" [Ominous music plays in the background]

by narrator

6/9/2026 at 10:20:22 AM

We've got a few candidates for that on the go and this is for sure one of them.

by natebc

6/9/2026 at 11:08:22 AM

It's not like they're mutually exclusive. In fact, multiple candidates seem to be quite sympathetic in their feedback loops.

by aaaronic

6/9/2026 at 11:03:40 AM

That would be when we've automated stuff to the point where [machinery breaking down] causes a large majority of humans to die from starvation.

And then go on to repeat that mistake by re-building without using the lessons from previous catastrophe(s).

Sadly that last part sounds fairly common for humans... 8-|

So yeah. Maybe. Possible.

by RetroTechie

6/10/2026 at 1:39:57 AM

We're already there since without the Haber–Bosch process billions would starve.

by narrator

6/9/2026 at 9:00:45 AM

Downloading OpenBSD and going off-grid. How about you?

by christophilus

6/9/2026 at 8:38:33 AM

getting deeper and deeper. the question is what goes one when breaches reach opensource-based stuff running nuclear reactors. i'd be concerned.

by larodi

6/9/2026 at 10:37:24 AM

People say nuclear reactors are completely safe if properly constructed and operated and the waste danger is overblown if properly managed.

There aren't many institutions extant today that I could trust to properly construct and operate a nuclear reactor, never mind manage nuclear waste for the next 100000 years.

The Trump government just decided that there is an acceptable level to irradiate the population by the way (abandoned the linear-no-threshold model of radiation's effects on an organism)

by trumpdong

6/9/2026 at 1:04:45 PM

Good. Let it all implode.

by 349187

6/9/2026 at 2:45:50 PM

I have not read the article, but it's interesting to be at a point where the headline is so bad that it deserves commenting on its own; i.e. understanding that there is no way possible for the connotation (not denotation) of the headline to be "correct."

The connotation here being either "open source is dangerous" or "Microsoft's specific brand of open source is dangerous" -- which coincidentally provides good clickbait for both "pro-open source" and "anti open source" types.

Anyway, not reading. They should do better.

by jrm4

6/9/2026 at 10:39:02 AM

If you want to be taken seriously, don't use Windows.

by pluc

6/9/2026 at 8:11:52 AM

another day, another supply chain vulnerability

by TZubiri

6/9/2026 at 5:04:14 PM

[flagged]

by synapsehire

6/10/2026 at 1:31:06 AM

[flagged]

by flowbarai

6/9/2026 at 3:14:54 PM

[dead]

by Ile09

6/9/2026 at 9:12:05 AM

[dead]

by verminator468

6/9/2026 at 8:33:52 AM

[dead]

by Lapsa