GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
Morning Overview on MSN

GitHub just confirmed hackers broke into its own code through a poisoned coding tool — slipping in on a developer’s laptop without anyone noticing for days

Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee ...
Windows Report

GitHub Links Internal Repository Breach To TanStack Supply-Chain Attack

GitHub says the breach of roughly 3,800 internal repositories was tied to the wider TanStack npm supply-chain attack.
India Today on MSNOpinion

GitHub suffers breach in internal code, hackers claim they have source code for sale

GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer ...

Apple shares iPhone and Mac post-quantum cryptography code on GitHub

Apple today published new corecrypto source code on GitHub, alongside a detailed technical post explaining the intricate work behind its post-quantum cryptography efforts.