fast-draft Open VSX Extension Compromised by BlokTrooper
The fast-draft Open VSX extension was compromised to deploy a BlokTrooper RAT and infostealer via GitHub-hosted payloads. Multiple malicious versions identified. Category: Vulnerabilities & Threats
Read the full articleYou might also wanna read
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories
GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplac

GitHub Breached via Poisoned VS Code Extension
GitHub has confirmed the exfiltration of roughly 3,800 internal repositories. A poisoned VS Code extension is to blame, highlighting severe
GitHub confirms breach of 3,800 repos via malicious VSCode extension
Previous thread in sequence: GitHub is investigating unauthorized access to their internal repositories - - May 2026 (321 comments) Comments

GitHub Got Hacked Through a VS Code Extension. Here's the Full Technical Story.
On May 18, a poisoned Nx Console VS Code extension was live on Microsoft’s marketplace for 18 minutes. One GitHub employee installed it. By
GitHub confirms Nx Console extension was initial access vector
A GitHub breach caused by an employee device utilizing malicious VS code led to attackers compromising more than 3,800 internal repositories

Comments
Sign in to join the conversation.
No comments yet. Be the first.