BleepingComputer
GitHub confirms breach of 3,800 repos via malicious VSCode extension
By Sergiu Gatlan ·
bleepingcomputer.com
· 5 Fediverse mentions
Summary
GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension. The company has since removed the unnamed trojanized extension from the VS Code marketplace and has secured the compromised device.