PCMag on MSN

Hackers infiltrate GitHub by compromising employee device

GitHub traced the breach to a malicious version of a Visual Studio Code extension, underscoring the threat of hackers manipulating popular developer tools.
Infosecurity Magazine

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on Microsoft’s official Visual Studio Marketplace for just 18 minutes on May 18 — gave threat group TeamPCP enough access to exfiltrate approximately 3,

Inside the GitHub Breach: The suspicious extension that exposed internal repositories and what went wrong

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a malicious VS Code extension and claimed by the Team PCP hacking group