GitHub has reported a security breach where internal code repositories were accessed following a compromise of a Visual Studio Code extension. The attackers reportedly injected malicious code into the extension, which then allowed them to exfiltrate data from private repositories. While initial assessments indicate that customer data was not affected, the incident has raised concerns about the security of development tools and the potential for wider data exposure. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
IMPACT Highlights security risks associated with AI-powered development tools and the potential for supply chain attacks.
RANK_REASON Security incident involving a third-party tool (VS Code extension) affecting a platform (GitHub).
