Tag: github breach
7 articles

Linux Flaws Expose Critical Infrastructure to Root Command Execution
GitHub confirmed that a compromised employee device, infected by a poisoned Nx Console VS Code extension, led to the theft of around 3,800 internal repositories, sparking swift action to contain the breach and protect sensitive data. The incident highlights the vulnerability of even the most secure systems to supply chain attacks.

GitHub Breach Exposes 3,800 Repos to TanStack Supply-Chain Attack
A single malicious Visual Studio Code extension, Nx Console version 18.95.0, was enough to spark a GitHub breach that exposed 3,800 internal repositories to a TanStack supply-chain attack. The poisoned extension was live on marketplaces for just 54 minutes, but long enough to steal credentials from a developer's machine.

GitHub Breach Exposes 3,800 Repositories via Malicious VS Code Extension
GitHub's security chief confirms that customer data remains safe, with no evidence of impact outside of GitHub's internal repositories. The breach originated from a poisoned VS Code extension installed on a compromised employee device, allowing attackers to steal credentials.

GitHub Breach Exposes 3800 Internal Repositories to Malicious VS Code Extension
GitHub's security team swiftly contained a breach that exposed 3,800 internal repositories to a malicious VS Code extension, and immediately took action to prevent further damage. The company has completed critical secret rotations and is now meticulously analyzing logs to ensure the incident is fully resolved.

GitHub Breach Exposes 3,800 Repos via Malicious VSCode Extension
GitHub recently uncovered a sneaky attack involving a tainted VS Code extension that compromised an employee's device, putting 3,800 repositories at risk. The breach was quickly contained, but not before some internal repositories were exfiltrated.

Grafana GitHub Breach Exposes Source Code in TanStack npm Attack
Grafana Labs recently reported a security breach that exposed source code and internal data, but fortunately, there's no evidence that customer production systems were compromised. The breach, detected on May 11, was confined to the company's GitHub environment and involved both public and private source code and internal repositories.

Grafana Labs Hit by GitHub Breach, Code Stolen in Ransom Demand
Grafana Labs sprang into action after a security breach at GitHub compromised its code, swiftly invalidating leaked credentials and bolstering defenses to prevent further unauthorized access. The company quickly responded to the breach, taking crucial steps to safeguard its environment.