A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.
Miasma hit 73 Microsoft repos across four GitHub orgs, forcing access disablement and exposing open-source trust risks.
Morning Overview on MSN
GitHub confirms TeamPCP walked off with 3,800 internal repositories — and the gang is auctioning them on a dark-web forum at a minimum price of $50,000
A single browser tab, a single click on “Install,” and a cybercriminal group called TeamPCP was inside GitHub’s own house. The company has confirmed that attackers accessed roughly 3,800 of its ...
25don MSN
Megalodon cyberattack infects 5,500 GitHub open-source repositories with malware, researchers say
Security researchers say 5,500 GitHub repositories have been affected by the attack.
GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...
CISA is investigating after a contractor’s public GitHub repository exposed AWS GovCloud credentials, internal files, and passwords.
Hackers infiltrated Microsoft's open-source projects on GitHub, embedding password-stealing malware into the code, prompting ...
A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and codebases.
Private and deleted GitHub repositories are not as secure as users might assume. Data from deleted forks, deleted repositories, and private repositories can still be accessed, often indefinitely. This ...
GitHub has introduced the GitHub Copilot app, a desktop control centre for agent-native development that aims to keep ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results