Bleeping Computer

GitHub links repo breach to TanStack npm supply-chain attack

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack.

GitHub says a data breach impacted 3,800 internal repositories.

The company traced the incident to a “poisoned” VS Code extension on an employee’s device. While the hacking group TeamPCP has claimed responsibility for the breach, GitHub says it has since removed ...

GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...