GitHub Breached via Poisoned VS Code Extension
GitHub has confirmed the exfiltration of roughly 3,800 internal repositories. A poisoned VS Code extension is to blame, highlighting severe supply chain risks.
Read the full articleYou might also wanna read

GitHub Got Hacked Through a VS Code Extension. Here's the Full Technical Story.
On May 18, a poisoned Nx Console VS Code extension was live on Microsoft’s marketplace for 18 minutes. One GitHub employee installed it. By
GitHub confirms breach of 3,800 repos via malicious VSCode extension
Previous thread in sequence: GitHub is investigating unauthorized access to their internal repositories - - May 2026 (321 comments) Comments
GitHub confirms Nx Console extension was initial access vector
A GitHub breach caused by an employee device utilizing malicious VS code led to attackers compromising more than 3,800 internal repositories
Malicious VS Code AI Extensions with 1.5M Installs Secretly Harvest Developer Codebases
Two popular AI coding extensions with 1.5M installs secretly harvest your entire codebase and profile you. Both are still live in the market
Snyk uncovers supply chain security vulnerabilities in Visual Studio Code extensions
This new VS Code extensions supply chain security threat has the potential to become a new attack playground, potentially impacting over 2,0
VS Code vulnerability in github.dev allows attackers to steal GitHub OAuth tokens via malicious links
A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a p

Comments
Sign in to join the conversation.
No comments yet. Be the first.