“Yesterday we detected and contained a compromise of an worker system involving a poisoned VS [Visual Studio] Code extension. We eliminated the malicious extension model, remoted the endpoint, and started incident response instantly,” GitHub mentioned.
“Our present evaluation is that the exercise concerned exfiltration of GitHub-internal repositories solely. The attacker’s present claims of ~3,800 repositories are directionally in keeping with our investigation thus far.”
GitHub added: “We proceed to research logs, validate secret rotation, and monitor for any follow-on exercise. We’ll take further motion because the investigation warrants.” The corporate promised to publish a full incident report as soon as it had accomplished its investigations.
That determine tallied with an earlier declare by the TeamPCP risk group that it had breached 4,000 repos, full with a risk to leak the stolen code if no purchaser prepared to pay not less than “50k” was discovered. The group backed up its declare by posting a listing of the breached repositories on the LimeWire content material sharing platform.
