Skip to main content

Tag: code marketplace

2 articles

Developer workstation with laptop, monitor, and coding tools in a modern office space.

GitHub Breach Exposes 3,800 Repos via Malicious VSCode Extension

GitHub recently uncovered a sneaky attack involving a tainted VS Code extension that compromised an employee's device, putting 3,800 repositories at risk. The breach was quickly contained, but not before some internal repositories were exfiltrated.

Analyst 207
Code editor interface with open plugin panel, generic computer screen and daylight in background.

Nx Console Extension Exploited to Steal Developer Credentials

A malicious version of the popular Nx Console Extension was published to the VS Code Marketplace, compromising over 2.2 million installations and putting developer credentials at risk. Within seconds of opening a workspace, the extension silently fetched and executed a hidden payload, allowing attackers to steal sensitive information.

Analyst 207