Skip to main content

Tag: malicious vs code extension

3 articles

Developer workstation with laptop, coding tools, and scattered papers.

GitHub Breach Exposes 3,800 Repositories via Malicious VS Code Extension

GitHub's security chief confirms that customer data remains safe, with no evidence of impact outside of GitHub's internal repositories. The breach originated from a poisoned VS Code extension installed on a compromised employee device, allowing attackers to steal credentials.

Analyst 207
Cluttered developer workstation with laptop and monitor in bright office setting.

GitHub Hit by Internal Repo Breach via Malicious VS Code Extension

GitHub's internal repositories were breached after a malicious Visual Studio Code extension was used to launch the attack, but thankfully, customer data appears to be safe. The incident has left users wondering what else may have been compromised.

Analyst 207
Developer workstation with laptop, monitor, and office supplies in a neutral background.

GitHub Breach Exposes 3800 Internal Repositories to Malicious VS Code Extension

GitHub's security team swiftly contained a breach that exposed 3,800 internal repositories to a malicious VS Code extension, and immediately took action to prevent further damage. The company has completed critical secret rotations and is now meticulously analyzing logs to ensure the incident is fully resolved.

Analyst 207