GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...
Memeburn

GitHub Hack Exposes 3,800 Repos and a Bigger VS Code Risk

GitHub hack exposed 3,800 internal repos through a poisoned VS Code extension, raising new concerns over developer supply ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Megalodon cyberattack infects 5,500 GitHub open-source repositories with malware, researchers say

Security researchers say 5,500 GitHub repositories have been affected by the attack.
Visual Studio Magazine

VS Code 1.121 Adds Remote Agents, Boosts Claude Code Functionality Again

Visual Studio Code 1.121 focuses on agent workflows, model configuration, terminal behavior and built-in preview features -- and features another update to Claude Code functionality.
InfoWorld

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...
BeInCrypto

Changpeng Zhao Warns Crypto Devs to Rotate API Keys After GitHub Hack

GitHub says a poisoned VS Code extension exposed 3,800 internal repos as Binance founder CZ tells crypto devs to rotate keys.

The GitHub hack was one plugin away from being your problem too

An infected VS Code extension compromised around 3,800 repositories owned by GitHub. And that's something that all developers ...
Morning Overview on MSN

The GitHub break-in began on one developer’s laptop and a poisoned coding add-on — then spread to the keys guarding code inside thousands of companies

Sometime in early 2026, a software developer did what millions of programmers do every week: updated a dependency. The ...

Apple shares iPhone and Mac post-quantum cryptography code on GitHub

Apple today published new corecrypto source code on GitHub, alongside a detailed technical post explaining the intricate work behind its post-quantum cryptography efforts.
Tech Times

Claude Code Plugins Get Official Directory: Anthropic Flags Unverified MCP Risks

Claude Code plugins now have an official Anthropic-managed directory at github.com/anthropics/claude-plugins-official, consolidating 30-plus internal and 15 vetted external Claude Code extensions behi ...
Morning Overview on MSN

GitHub just confirmed hackers broke into its own code through a poisoned coding tool — slipping in on a developer’s laptop without anyone noticing for days

Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee ...