The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.
Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
winbuzzer.com

GitHub Says VS Code Breach Exposed 3,800 Repositories

GitHub faces an internal repository breach this week after a poisoned VS Code extension on an employee device exposed roughly 3,800 internal repositories. Customer data stored outside those ...