VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

GitHub: VS Code extension attack — data exfiltrated from ~3,800 internal repositories

GitHub: атака через расширение VS Code — похищены данные из ~3,800 внутренних репозиториев

Colleagues, please note: GitHub has confirmed a security breach.

GitHub stated that threat actors exfiltrated data from approximately 3,800 internal repositories. The company detected the compromise via an employee device and a trojanized VS Code extension. GitHub reports no evidence of impact to customer data outside internal repositories; the investigation is ongoing. The group TeamPCP has claimed responsibility and is reportedly offering the stolen data for sale.

Why this matters: attacks on extensions and open-source software threaten software supply chains and development environments.

What mitigation measures do you consider priorities to protect the development environment?

#cybersecurity #development #DevSecOps #OSS

Latest comments

No comments yet.