GitHub has disclosed a security breach involving an intrusion on employee devices through a compromised VS Code extension. The company has detected and contained the incident, removing the malicious extension version and isolating affected terminals while initiating an emergency response. Preliminary assessments indicate that the breach resulted in the exposure of internal repository data, with attackers claiming access to approximately 3,800 repositories, aligning with initial investigation findings. Binance founder CZ has advised developers to review and replace any API keys in their code, even if stored in private repositories.