GitHub has confirmed a security breach involving its internal code repositories, compromised through a malicious Visual Studio Code extension. The breach affected approximately 3,800 internal repositories, though external user data and repositories remain unaffected. The attackers, identified as TeamPCP, have claimed responsibility and are attempting to sell the stolen data on underground forums.
In response, GitHub has removed the malicious extension, isolated affected devices, and rotated critical credentials. The company is conducting a thorough investigation and plans to release a comprehensive incident report. Developers are advised to proactively rotate API keys and credentials as a precautionary measure.
GitHub Internal Code Repositories Breached via Malicious VS Code Extension
Aviso legal: El contenido de Phemex News es únicamente informativo.No garantizamos la calidad, precisión ni integridad de la información procedente de artículos de terceros.El contenido de esta página no constituye asesoramiento financiero ni de inversión.Le recomendamos encarecidamente que realice su propia investigación y consulte con un asesor financiero cualificado antes de tomar cualquier decisión de inversión.