Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
GitHub Breach via Malicious VS Code Extension

GitHub Breach via Malicious VS Code Extension

Posted on May 21, 2026 By CWS

On May 18, 2026, GitHub faced a major security breach after an attacker exploited a compromised Visual Studio Code extension to access internal source code repositories. The breach was detected when GitHub’s security team noticed unusual activities on an employee’s device.

Details of the Breach

The breach was traced back to a tainted version of the Nx Console extension, a third-party tool, which had been installed on the compromised device. GitHub promptly removed the malicious version from its marketplace and initiated comprehensive incident response procedures to address the breach.

The attackers claimed responsibility for accessing around 3,800 internal repositories. GitHub has corroborated this claim with its investigation, confirming that the breach was limited to internal repositories only, with no direct impact on customer-facing infrastructure.

Impact and Response

Despite the breach being limited to internal repositories, GitHub acknowledged that some may contain customer-related information from support interactions, posing potential secondary exposure risks. The company has assured direct communication with affected customers should any data impact be confirmed.

In response to the breach, GitHub’s security team began rotating critical credentials and continues to monitor for any signs of unauthorized access or attempts to re-establish a foothold. Their efforts include log analysis and validation of secret invalidation.

Implications for Developers

This incident underscores the risks associated with supply chain attacks involving VS Code extensions. The compromised Nx Console extension, commonly used in Angular and monorepo development, was subverted, exposing developers who installed it to potential threats.

GitHub plans to release a detailed report once the investigation concludes. Meanwhile, organizations using GitHub for development are advised to review their installed extensions, update policies, and monitor for unusual activity.

Stay informed by following us on Google News, LinkedIn, and X for more updates.

Cyber Security News Tags:Cybersecurity, data exfiltration, DevOps, GitHub, incident response, Nx Console, security breach, Software Security, supply chain attack, VS Code

Post navigation

Previous Post: Drupal Addresses Critical Vulnerability Risk
Next Post: Microsoft Alerts on Active Exploitation of Defender Vulnerabilities

Related Posts

Handala Hackers Targeted Israeli Officials by Compromising Telegram Accounts Handala Hackers Targeted Israeli Officials by Compromising Telegram Accounts Cyber Security News
Linux Kernel netfilter Vulnerability Let Attackers Escalate Privileges Linux Kernel netfilter Vulnerability Let Attackers Escalate Privileges Cyber Security News
New Malware Leverages Windows Character Map to Bypass Windows Defender and Mine Cryptocurrency for The Attackers New Malware Leverages Windows Character Map to Bypass Windows Defender and Mine Cryptocurrency for The Attackers Cyber Security News
Mirai Botnets Escalate Global Cyber Threats Mirai Botnets Escalate Global Cyber Threats Cyber Security News
Phishing Emails Spread VIP Keylogger Malware Phishing Emails Spread VIP Keylogger Malware Cyber Security News
Windows 11 And Server 2025 Will Start Caching Plaintext Credentials By Enabling WDigest Authentication Windows 11 And Server 2025 Will Start Caching Plaintext Credentials By Enabling WDigest Authentication Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Cross-Platform QuimaRAT MaaS Targets Multiple OS
  • TrojPix Hack Threatens Air-Gapped Computers
  • TrojPix Exploits Pixel Modulation to Leak Data
  • Critical Opera GX Flaw Exposes User Data to Hackers
  • SkillCloak Evades AI Scanners with New Techniques

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Cross-Platform QuimaRAT MaaS Targets Multiple OS
  • TrojPix Hack Threatens Air-Gapped Computers
  • TrojPix Exploits Pixel Modulation to Leak Data
  • Critical Opera GX Flaw Exposes User Data to Hackers
  • SkillCloak Evades AI Scanners with New Techniques

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark