GitHub Investigates Major Hack Claim as TeamPCP Offers 4,000 Private Code Repositories for Sale

GitHub is investigating an alleged breach after TeamPCP claimed access to nearly 4,000 private repositories, though no impact on customer data has been confirmed.
Infosecurity Magazine

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace

CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository

CISA is investigating after a contractor’s public GitHub repository exposed AWS GovCloud credentials, internal files, and passwords.
Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on Microsoft’s official Visual Studio Marketplace for just 18 minutes on May 18 — gave threat group TeamPCP enough access to exfiltrate approximately 3,

GitHub faces a fight for its survival at Microsoft

GitHub is battling outages, security issues, and a talent exodus. is a senior correspondent and author of Notepad, who has been covering all things Microsoft, PC, and tech for over 20 years. When Microsoft announced it was acquiring GitHub in a $7.

Microsoft's GitHub confirms cyberattack involving unauthorised access of nearly 3,800 repositories

GitHub has confirmed a cyberattack after a threat actor claimed to have stolen and listed company data for sale. The breach involved unauthorised access to internal repositories via a "poisoned" VS Code extension,