GitHub Repositories Breached via Malicious VS Code Extension
GitHub confirmed a breach of 3,800 internal repositories due to a malicious version of the Nx Console VS Code extension. This attack is linked to the TanStack npm supply-chain incident. The breach allowed attackers to gain unauthorized access to source code, potentially impacting the security of numerous projects. Security teams should immediately audit dependencies and monitor for unusual access patterns.