Tag: repository breach
4 articles

GitHub Breach Exposes 3800 Repositories via Poisoned VS Code Extension
A malicious Visual Studio Code extension, Nx Console, was briefly listed on official registries and used to breach GitHub, exposing approximately 3,800 internal repositories to unauthorized access. The popular extension, with 2.2 million installs, was compromised for just 18 minutes, but long enough to cause significant damage.

Grafana Breach Exposed by TanStack Supply Chain Attack
Grafana Labs revealed that a supply chain attack led to an unauthorized download of its codebase, exposing a vulnerability that allowed attackers to gain access to its GitHub repositories through a missed workflow token. The breach was detected on May 11, with the company swiftly rotating tokens, but unfortunately, one was overlooked.

GitHub Breach Exposes 3,800 Internal Repositories
GitHub has confirmed a significant breach, revealing that hackers made off with approximately 3,800 internal repositories after a developer fell victim to a poisoned VS Code script. Fortunately, the company assures that customer data appears to be safe, and the incident seems to be contained within GitHub's internal systems.

GitHub Breach Exposes 3800 Internal Repositories to Malicious VS Code Extension
GitHub's security team swiftly contained a breach that exposed 3,800 internal repositories to a malicious VS Code extension, and immediately took action to prevent further damage. The company has completed critical secret rotations and is now meticulously analyzing logs to ensure the incident is fully resolved.