Skip to main content

Tag: nx console

3 articles

Cluttered developer workstation with laptop, monitor, and notes, VS Code on screen.

Linux Flaws Expose Critical Infrastructure to Root Command Execution

GitHub confirmed that a compromised employee device, infected by a poisoned Nx Console VS Code extension, led to the theft of around 3,800 internal repositories, sparking swift action to contain the breach and protect sensitive data. The incident highlights the vulnerability of even the most secure systems to supply chain attacks.

Analyst 207
Developer workstation with VS Code on laptop and monitor, subtle security threat hinted in background.

GitHub Breach Exposes 3800 Repositories via Poisoned VS Code Extension

A malicious Visual Studio Code extension, Nx Console, was briefly listed on official registries and used to breach GitHub, exposing approximately 3,800 internal repositories to unauthorized access. The popular extension, with 2.2 million installs, was compromised for just 18 minutes, but long enough to cause significant damage.

Analyst 207
Blurred developer workstation with laptop, smartphone, and tablet nearby.

GitHub Breach Exposes 3,800 Repos to TanStack Supply-Chain Attack

A single malicious Visual Studio Code extension, Nx Console version 18.95.0, was enough to spark a GitHub breach that exposed 3,800 internal repositories to a TanStack supply-chain attack. The poisoned extension was live on marketplaces for just 54 minutes, but long enough to steal credentials from a developer's machine.

Analyst 207