A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain
A compromised Visual Studio Code extension led to a significant breach at GitHub. The malicious extension, which had millions of installs, allowed attackers to steal credentials from a GitHub employee's machine. Microsoft, which operates the marketplace for these extensions, is facing scrutiny for the security lapse.
- The trojanized version of the Nx Console extension was available for about 18 minutes before being taken down.
- Attackers were able to clone approximately 3,800 internal GitHub repositories due to the credential theft.
- GitHub confirmed that there was no evidence of public or private customer repositories being affected.
By Adam Conway. Published May 26, 2026, 6:00 PM EDT.
Excerpt limited to ~120 words for fair-use compliance. The full article is at XDA Developers.