CISO Daily Digest: Microsoft Warns of Claude Code Credential Vulnerability (20260607)

Microsoft Warns of Claude Code Credential Vulnerability

Microsoft disclosed a critical security flaw in Anthropic’s Claude Code GitHub Action integration that could allow attackers to steal credentials from compromised GitHub repositories. The vulnerability highlights the growing supply chain risks as AI-assisted development tools gain widespread adoption across enterprise environments.

• Microsoft’s security researchers identified the flaw in the Claude Code GitHub Action, which could be exploited via a malicious issue or pull request comment
• The attack vector enables credential exfiltration from repositories running Claude Code in CI/CD pipelines
• The disclosure comes amid heightened scrutiny of AI coding assistants and their security implications in enterprise DevOps workflows
• Separately, Anthropic’s Claude services experienced a significant outage affecting claude.ai, Claude Code, and Claude Cowork platforms

This incident underscores the importance of securing AI-assisted development pipelines and implementing strict access controls for CI/CD environments that integrate with agentic AI coding tools.

🔗 References: Comprehensive coverage (Decrypt) | (CyberSecurityNews)

Active threats this week

📌 Miasma Worm Targets Microsoft GitHub Repositories in Supply Chain Attack

A sophisticated worm campaign has compromised 73 Microsoft-owned GitHub repositories, using a novel technique dubbed Phantom Gyp to exfiltrate credentials and propagate through the software supply chain. The attack leverages six-stage infection chains targeting developer environments, with a Rust-based variant (IronWorm) also hitting the npm ecosystem.

🔗 Reference: The Hacker News | Dark Reading

📌 CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV

CISA has added CVE-2026-28318 — an unauthenticated denial-of-service vulnerability in SolarWinds Serv-U — to its Known Exploited Vulnerabilities catalog, mandating federal agency remediation within four days. The flaw is actively exploited in the wild, potentially enabling attackers to disrupt file transfer operations.

🔗 Reference: The Hacker News | iThome

📌 Malicious Chrome Extensions Target AI Platform Interactions

Researchers have identified a campaign of malicious Chrome extensions designed to intercept and exfiltrate conversations and sensitive data from AI platform interactions. The extensions target users of ChatGPT, Claude, and other leading AI services, capturing prompts, responses, and potentially API keys.

🔗 Reference: iThome

📌 C0XMO Botnet Exploits Legacy DD-WRT Flaws to Infect DVRs and Android Devices

The C0XMO botnet is actively scanning for and exploiting old DD-WRT firmware vulnerabilities to compromise routers, DVRs, and Android devices. The botnet expands its reach by targeting Internet of Things (IoT) devices with weak or default credentials, incorporating them into a network used for DDoS and proxy-jacking operations.

🔗 Reference: xakep.ru | The Hacker News

How Can OPSWAT Help

The Miasma worm and IronWorm supply chain attacks targeting GitHub repositories and the npm ecosystem highlight the critical need for multi-layered file security in software development pipelines. MetaDefender by OPSWAT provides multi-scanning with 30+ anti-malware engines and Content Disarm and Reconstruction (CDR) to detect and neutralize malicious code hidden in software packages and artifacts before they enter the development supply chain. With the rise of worm-capable malware targeting CI/CD environments, integrating file-level security controls at code ingestion points is becoming essential for enterprise DevSecOps.