GitHub confirms breach — thousands of internal repositories hit

TeamPCP continues its attack on open source projects, now apparently asking for $50,000.

GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Infosecurity Magazine

GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...

Inside the GitHub Breach: The suspicious extension that exposed internal repositories and what went wrong

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a ...
Windows Report

GitHub Confirms Breach After Malicious VS Code Extension Exposed 3,800 Repositories

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
Infosecurity Magazine

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...
Bleeping Computer

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has been targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. The campaign is ...