GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
Infosecurity Magazine

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...
Morning Overview on MSN

GitHub just confirmed hackers broke into its own code through a poisoned coding tool — slipping in on a developer’s laptop without anyone noticing for days

Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee ...
Windows Report

GitHub Confirms Breach After Malicious VS Code Extension Exposed 3,800 Repositories

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...
Guru3D

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.

Inside the GitHub Breach: The suspicious extension that exposed internal repositories and what went wrong

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a ...