GitHub has confirmed a security breach involving its internal code repositories, compromised through a malicious Visual Studio Code extension. The breach affected approximately 3,800 internal repositories, though external user data and repositories remain unaffected. The attackers, identified as TeamPCP, have claimed responsibility and are attempting to sell the stolen data on underground forums.
In response, GitHub has removed the malicious extension, isolated affected devices, and rotated critical credentials. The company is conducting a thorough investigation and plans to release a comprehensive incident report. Developers are advised to proactively rotate API keys and credentials as a precautionary measure.
GitHub Internal Code Repositories Breached via Malicious VS Code Extension
Aviso Legal: O conteúdo disponibilizado no Phemex News é apenas para fins informativos. Não garantimos a qualidade, precisão ou integridade das informações provenientes de artigos de terceiros. Este conteúdo não constitui aconselhamento financeiro ou de investimento. Recomendamos fortemente que você realize suas próprias pesquisas e consulte um consultor financeiro qualificado antes de tomar decisões de investimento.