"GitHub confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories. The code hosting and sharing giant said in a series of posts on X that it has "no evidence of impact to customer information stored outside of GitHub's internal repositories," but noted its investigation was ongoing. GitHub said it "detected and contained a compromise of an employee device involving a poisoned VS Code extension," referring to a plugin for Visual Studio Code, a popular code editor that developers use for programming."
"Hackers are increasingly targeting popular open-source projects, including coding extensions, with the aim of compromising developers' computers and their projects. Targeting popular projects allows hackers to gain access to vast numbers of computers at the same time, magnifying the impact of their attacks. GitHub did not name the compromised extension. The Record and Bleeping Computer report that a hacking group called TeamPCP has taken credit for the GitHub breach, and is selling the data on a cybercrime forum."
"GitHub did not immediately respond to a request for comment about the incident, or answer questions on whether it has received any communication from the hackers, such as a demand for ransom. TeamPCP previously claimed credit for a data breach at the European Commission that resulted in the theft of more than 90 gigabytes of data from the cloud storage of the EU's executive arm. The hackers had stolen the European Commission's cloud key during an earlier breach at Trivy, a vulnerability scanning tool, by pushing info-stealing malware to Trivy's downstream users."
"OpenAI was also targeted recently in a similar but separate attack that saw hackers break into Tanstack, a platform used by web developers, to push updates containing malware that let the hackers steal passwords and tokens from users."
GitHub confirmed a hack in which attackers stole data from around 3,800 internal code repositories. GitHub stated there was no evidence of impact to customer information stored outside its internal repositories, while its investigation continued. The company said it detected and contained a compromise of an employee device involving a poisoned VS Code extension, a plugin for the Visual Studio Code editor. The incident reflects a broader trend of attackers targeting popular open-source projects and coding extensions to compromise developers’ computers and projects at scale. GitHub did not name the compromised extension. A hacking group called TeamPCP reportedly claimed responsibility and is selling the stolen data on a cybercrime forum. TeamPCP previously claimed a breach involving the European Commission, and similar tactics were used in an attack targeting Tanstack to steal passwords and tokens.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]