Skip to main content

Tag: code poisoning

2 articles

Developer workstation with laptop, coding tools, and scattered papers.

GitHub Breach Exposes 3,800 Repositories via Malicious VS Code Extension

GitHub's security chief confirms that customer data remains safe, with no evidence of impact outside of GitHub's internal repositories. The breach originated from a poisoned VS Code extension installed on a compromised employee device, allowing attackers to steal credentials.

Analyst 207
Developer workstation with laptop and monitor showing Visual Studio Code interface with a blurred section, set against a…

GitHub Discloses Breach from Poisoned VS Code Extension

GitHub swiftly detected and contained a security breach that originated from a tainted Visual Studio Code extension, taking immediate action to remove the malicious version and isolate the affected endpoint. The breach appears to be limited to GitHub's internal repositories, with the company rotating critical secrets and conducting a thorough investigation.

Analyst 207