GitHub confirms Nx Console extension was initial access vector
12d ago
Source
ThreatLockerGitHub confirms Nx Console extension was initial access vectorthreatlocker.comA GitHub breach caused by an employee device utilizing malicious VS code led to attackers compromising more than 3,800 internal repositories. TeamPCP later listed GitHub’s source code for sale.
You might also wanna read
Nx Build Kit Security Breach: Malware Steals Wallets and Credentials via GitHub Repositories
A security breach has been discovered in the popular Nx build kit where malicious post-install commands create unauthorized repositories nam
GitHub confirms breach of 3,800 repos via malicious VSCode extension
bleepingcomputer.com·1mo ago
VS Code vulnerability in github.dev allows attackers to steal GitHub OAuth tokens via malicious links
Security researcher Ammar Askar released exploit code for a Visual Studio Code vulnerability that can steal GitHub OAuth tokens when a victi
GitHub Zero-Day in github.dev Could Expose Developer OAuth Tokens
Security researcher Ammar Askar disclosed a zero-day vulnerability in GitHub's browser-based VSCode environment (github.dev) that could expo

Supply Chain Attack via Malicious Commit Hits 73 Microsoft GitHub Repositories
GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit was discovered in an Azure project, part of a supply chain atta
Post-mortem Analysis of @ctrl/tinycolor npm Supply Chain Attack via GitHub Actions
A detailed post-mortem analysis of a supply chain attack on the @ctrl/tinycolor npm package. The attack occurred when a malicious GitHub Act

Comments
Sign in to join the conversation.
No comments yet. Be the first.