GitHub Got Hacked Through a VS Code Extension. Here's the Full Technical Story.
Pramod Dhakal1mo ago
From the article
On May 18, a poisoned Nx Console VS Code extension was live on Microsoft’s marketplace for 18 minutes. One GitHub employee installed it. By May 20, ~3,800 internal repos were reportedly exfiltrated and auctioned for $50K. Here’s the full attack chain, payload analysis.
Continue reading on HitechiesYou might also wanna read
GitHub confirms Nx Console extension was initial access vector
ThreatLocker·13d ago
GitHub confirms breach of 3,800 repos via malicious VSCode extension
bleepingcomputer.com·1mo ago
VS Code vulnerability in github.dev allows attackers to steal GitHub OAuth tokens via malicious links
Security researcher Ammar Askar released exploit code for a Visual Studio Code vulnerability that can steal GitHub OAuth tokens when a victi
Malicious VS Code AI Extensions with 1.5M Installs Secretly Harvest Developer Codebases
Two popular VS Code AI coding extensions with 1.5 million installs have been identified as malicious, secretly harvesting developers' entire
GitHub Zero-Day in github.dev Could Expose Developer OAuth Tokens
Security researcher Ammar Askar disclosed a zero-day vulnerability in GitHub's browser-based VSCode environment (github.dev) that could expo
GitHub Disables 73 Microsoft Repositories After Miasma Worm Attack
On June 5, GitHub disabled 73 Microsoft-owned repositories after the Miasma worm (a variant of Mini Shai-Hulud) infiltrated projects across

Comments
Sign in to join the conversation.
No comments yet. Be the first.