The Wild West of VS Code extensions and how a poisoned extension breached GitHub
A poisoned VS Code extension breached GitHub yesterday, one day after Nx Console (2.2M installs) was compromised for 18 minutes on the Visual Studio Marketplace and reached every user with…
Read the full articleYou might also wanna read

GitHub Got Hacked Through a VS Code Extension. Here's the Full Technical Story.
On May 18, a poisoned Nx Console VS Code extension was live on Microsoft’s marketplace for 18 minutes. One GitHub employee installed it. By

GitHub Breached via Poisoned VS Code Extension
GitHub has confirmed the exfiltration of roughly 3,800 internal repositories. A poisoned VS Code extension is to blame, highlighting severe
GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplac
GitHub confirms Nx Console extension was initial access vector
A GitHub breach caused by an employee device utilizing malicious VS code led to attackers compromising more than 3,800 internal repositories
Malicious VS Code AI Extensions with 1.5M Installs Secretly Harvest Developer Codebases
Two popular AI coding extensions with 1.5M installs secretly harvest your entire codebase and profile you. Both are still live in the market
GitHub confirms breach of 3,800 repos via malicious VSCode extension
Previous thread in sequence: GitHub is investigating unauthorized access to their internal repositories - - May 2026 (321 comments) Comments

Comments
Sign in to join the conversation.
No comments yet. Be the first.