GitHub breached via a malicious VS Code extension: why developer devices are the real target
GitHub confirmed a poisoned VS Code extension compromised an employee device, exposing 3,800 internal repos. Why developer workstations are now the top supply chain target. Category: Vulnerabilities…
Read the full articleYou might also wanna read

GitHub Breached via Poisoned VS Code Extension
GitHub has confirmed the exfiltration of roughly 3,800 internal repositories. A poisoned VS Code extension is to blame, highlighting severe

GitHub Got Hacked Through a VS Code Extension. Here's the Full Technical Story.
On May 18, a poisoned Nx Console VS Code extension was live on Microsoft’s marketplace for 18 minutes. One GitHub employee installed it. By
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories
GitHub confirms breach of 3,800 repos via malicious VSCode extension
Previous thread in sequence: GitHub is investigating unauthorized access to their internal repositories - - May 2026 (321 comments) Comments
GitHub confirms Nx Console extension was initial access vector
A GitHub breach caused by an employee device utilizing malicious VS code led to attackers compromising more than 3,800 internal repositories
GitHub Zero-Day in github.dev Could Expose Developer OAuth Tokens
Ammar Askar disclosed a zero-day in github.dev, GitHub’s browser-based VSCode environment, that could expose GitHub OAuth tokens. The attack

Comments
Sign in to join the conversation.
No comments yet. Be the first.