XDA Developers on MSN

A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.
Windows Report

GitHub Confirms Breach After Malicious VS Code Extension Exposed 3,800 Repositories

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.
The Next Web

GitHub confirms hackers stole thousands of internal code repositories after employee installed a poisoned VS Code extension

TeamPCP exfiltrated 3,800 internal GitHub repositories after poisoning a VS Code extension. No customer data was affected, the company says.

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
Infosecurity Magazine

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...