GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...
Microsoft

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...
InfoWorld

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...
SecurityWeek

GitHub Confirms Hack Impacting 3,800 Internal Repositories

GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code ...
SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.
Dark Reading

GitHub Confirms Breach, 4K Internal Repos Stolen

GitHub confirmed today it was breached via an attacker that stole thousands of internal repositories. "As always this is not a ransom. We do not care about extorting GitHub, 1 buyer and we shred the ...