GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...

GitHub confirms breach — thousands of internal repositories hit after employee installs malicious VS Code extension

An archive of roughly 4,000 repositories is reportedly being offered for sale on the dark web, by threat actors known as ...
Cybernews

GitHub confirms breach after hackers put stolen source code up for sale

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...
Spiceworks on MSN

Did AI write the worm that breached GitHub’s own house?

A single developer. One poisoned extension. Five supply chain surfaces compromised in 48 hours. And a threat group claiming ...
Compare the Cloud

GitHub VSCode extension breach exposes developer toolchain as a primary attack surface

An unauthorised group calling itself TeamPCP accessed GitHub's internal repositories, targeting VSCode extensions used by ...

GitHub links repo breach to TanStack npm supply-chain attack

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS ...

'Adversaries are no longer just targeting products, they're targeting the developers who build them': CrowdStrike takes down major botnet targeting developers across …

The Glassworm botnet is no more, thanks to coordinated efforts between CrowdStrike, Google, and the Shadowserver Foundation.

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...