XDA Developers on MSN

A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...
Windows Report

GitHub Confirms Breach After Malicious VS Code Extension Exposed 3,800 Repositories

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...
Guru3D

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
Geeky Gadgets

16 VS Code Extensions to Transform Your Coding Workflow in 2025

If you’ve ever found yourself staring at your Visual Studio Code (VS Code) setup, wondering if it could work just a little harder for you, you’re not alone. As developers, we spend countless hours in ...
Infosecurity-magazine.com

Malicious VS Code Extensions Exploit Name Reuse Loophole

A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows threat actors to reuse names of previously removed packages.

GitHub confirms breach — thousands of internal repositories hit

TeamPCP continues its attack on open source projects, now apparently asking for $50,000.
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...