GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
Morning Overview on MSN

GitHub just confirmed hackers broke into its own code through a poisoned coding tool — slipping in on a developer’s laptop without anyone noticing for days

Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.
PCMag on MSN

Hackers infiltrate GitHub by compromising employee device

GitHub traced the breach to a malicious version of a Visual Studio Code extension, underscoring the threat of hackers ...
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...

Inside the GitHub Breach: The suspicious extension that exposed internal repositories and what went wrong

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a ...
Visual Studio Magazine

The Next Generation of Developer Productivity with GitHub Copilot and Visual Studio

Simona Liao and Leah Tran, product managers at Microsoft, discuss how GitHub Copilot in Visual Studio has evolved from a code completion tool into an agent-driven development workflow -- and share ...