Morning Overview on MSN

Hackers just walked off with 3,800 of GitHub’s internal code repositories — smuggled out by a single poisoned plugin a GitHub developer trusted

Somewhere inside GitHub, a developer installed a Visual Studio Code extension. It looked like any other productivity plugin ...
Morning Overview on MSN

GitHub confirms TeamPCP walked off with 3,800 internal repositories — and the gang is auctioning them on a dark-web forum at a minimum price of $50,000

A single browser tab, a single click on “Install,” and a cybercriminal group called TeamPCP was inside GitHub’s own house.

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
Infosecurity Magazine

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
Visual Studio Magazine

GitHub Ships Early December Copilot Updates Across Spaces, Visual Studio and Model Options

GitHub kicked off this month with a cluster of GitHub Copilot updates spanning the Copilot Spaces collaboration surface, the Visual Studio IDE experience, and the available model lineup in Copilot ...