Attackers took over the publisher token for Nx Console, which has about 2.2 million installs. They...

Nx Console 18.95.0 fetched a 498 KB stealer via GitHub orphan commit, exposing developer secrets and forcing credential rotation.

GitHub blamed the latest in a growing list of hacks claimed by TeamPCP on a poisoned VS Code extension.

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.

GitHub confirmed an attacker was able to access its internal repositories after a code extension breach, with TeamPCP claiming credit.

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension.

GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code extension.

Around 3,800 repositories of GitHub internal code have been exfiltrated, company rotates credentials as devs ponder the implications

GitHub says it has already rotated critical secrets and credentials following the breach

GitHub has confirmed an attack via an extension for Visual Studio Code. The stolen data is apparently for sale on a cybercrime forum.

TeamPCP exfiltrated 3,800 internal GitHub repositories after poisoning a VS Code extension. No customer data was affected, the company says.

Yesterday, GitHub said it had detected and contained a compromise of an employee device involving a...

TeamPCP gained access to GitHub's private source code after an employee unknowingly installed a malicious coding tool.

The company traced the incident to a “poisoned” VS Code extension on an employee’s device. While the hacking group TeamPCP has claimed responsibility for the breach, GitHub says…

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask…

If any impact is discovered, customers will be notified via established incident response and notification channels.

GitHub Breach via VSCode Extension, ZTE Router CVE-2026-34472, & Public Repo Secrets...

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.

GitHub just confirmed 3,800 repos got breached through one malicious VSCode extension. Here's the 5-minute audit every vibe coder should run tonight — before the next one ships.

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm…