GitHub says internal repos exfiltrated after poisoned VS Code extension attack
Initial assessment says customer data spared while users wonder what else may have slipped out
GitHub, the world's biggest code repository and DevOpsplatform, fell victim to a malicious Visual Studio Code (VS Code) extension. The company's initial assessment is that only internal repositorieswere exfiltrated.
The incident was reported by GitHub on X, with follow-up posts revealing a "poisonedVS Code extension" as the cause. The Microsoft-owned code shack continues to "analyzelogs, validate secret rotation, and monitor for any follow-on activity."
One GitHub postreferences "the attacker's current claims of ~3,800 repositories" asconsistent with its investigation. This may refer to a post attributed to TeamPCP, the malware crew linked to the Shai-Hulud worm, the code for which has been published and caused widespread damage.
Ina post, the crew advertised GitHub's internal source code for sale, claiming around 4,000 repositories. They said it was not a ransom and if no buyer was...
Copyright of this story solely belongs to theregister.com. To see the full text click HERE
