Skip to main content
Emerging ThreatsData Breaches

GitHub Discloses Breach from Poisoned VS Code Extension

Developer workstation with laptop and monitor showing Visual Studio Code interface with a blurred section, set against a…

“The company’s current assessment is that the activity involved GitHub-internal repositories only.”

GitHub’s account: detection, containment, and an internal impact

Late Tuesday, GitHub said it detected a compromise that originated from a poisoned Visual Studio Code extension, and took immediate containment steps: it removed the malicious extension version, isolated the affected endpoint, and began an incident response investigation. The Microsoft-owned company posted its updates on X and said its current assessment is that the activity involved GitHub-internal repositories only.

GitHub said it rotated critical secrets on Tuesday, prioritizing the highest-impact credentials first, and that its teams continued to analyze logs, validate the secret rotation, and monitor for follow-on activity. The company also said it has no evidence that customer data stored outside the affected repositories was affected. GitHub added it would publish a fuller report when the investigation is complete.

Nx Console: a compromised maintainer and a pushed malicious release

Information surfaced that links the incident to a prior compromise involving an Nx Console maintainer. According to a security advisory posted on GitHub, leaked GitHub credentials from that earlier incident were used to push a malicious version of Nx Console to the Visual Studio Code Marketplace; those credentials have since been temporarily revoked.

Nx Console, a widely used Visual Studio Code tool that helps engineering teams organize large JavaScript codebases, coordinate build pipelines and run tests, has “millions of installs,” the reporting notes — exactly the sort of tool that sits deep inside developers’ working environments and can access source code, credentials and build systems.

NX CEO Jeff Cross posted on X that Microsoft initially indicated there were 28 installs of the malicious version 18.95.0. Cross wrote that, based on NX’s analytics, “we currently believe the number of users who received the malicious package may be significantly higher; potentially over 6k installs.” He added: “This is my top priority right now,” and that NX’s team is “focused on understanding exactly what happened, helping affected users, hardening our systems and release processes, and being as transparent as possible throughout the investigation.”

TeamPCP’s claim and the repositories reportedly for sale

The hacking group TeamPCP, previously associated with attacks targeting software development packages, claimed on a cybercrime forum that 3,800 repositories were impacted and advertised the material for sale, threatening to release it if no buyer emerged. GitHub said that TeamPCP’s figure was “directionally consistent” with its investigation so far but has not publicly attributed the activity to any particular group.

The company also has not named the specific extension involved.

Why VS Code extensions matter — and what researchers warn

The episode underscores the positional risk posed by extensions that run inside developers’ editors. Security researchers have observed trojanized VS Code extensions before — including malicious packages that stole credentials, mined cryptocurrency or exfiltrated data — and those packages have sometimes accumulated large installations before removal.

Charlie Eriksen, a security researcher at Aikido Security, told CyberScoop: “The thing people underestimate about VS Code extensions is that they have full access to everything on the developer’s machine. EDR doesn’t cover this layer at all. What’s missing for most organisations is any kind of visibility into what’s actually running on developer machines and the ability to control it.”

How GitHub, NX, and developers are responding

  • GitHub: conducting a formal incident response, isolating the compromised endpoint, rotating critical secrets with highest-impact credentials prioritized, analyzing logs and monitoring for follow-on activity; it has promised a fuller public report when the investigation concludes.
  • NX (Nx Console): working with Microsoft to determine scope; using its own analytics to reassess install counts of the compromised package and focusing on remediation, user support, and hardening release processes.
  • Developers and organizations using VS Code extensions: facing a renewed reminder that extensions operate inside development environments and can reach source code, credentials and build systems — a risk highlighted by the multiple supply chain incidents cited alongside this case (npm, PyPI, Docker and other ecosystems).

The technical trail in this incident runs from a leaked maintainer credential to a pushed malicious package, to internal repository access and a claim of thousands of repos on a cybercrime forum. GitHub’s containment and credential rotations are concrete steps, but the company has not named the extension and has said only that internal repositories appear to be the extent of the impact so far. The next clear milestone will be the fuller investigation report GitHub has promised — and whether it confirms the scale implied by TeamPCP’s claim and NX’s reassessment of installs for version 18.95.0.

Original story