Stefano Marinelli

So, #GitHub has been hacked.

Own Your Data!

#OwnYourData

May 20 at 7:43amWeb
Show threadcoldclimateMay 20
@stefano source?
Show threadStefano MarinelliMay 20
@coldclimate their official profile on X
Show threaddch  May 20

@coldclimate @stefano https://xcancel.com/i/status/2056949168208552080

"Microsoft’s GitHub was compromised when a Microsoft developer using Microsoft VSCode installed a rogue extension from Microsoft’s VSCode extension library, which is moderated and hosted by Microsoft."

-- CorboDT

GitHub (@github)

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.

Nitter
Show threadcoldclimateMay 20
@dch @stefano lorks
Show threadVincent 🐡May 20
@dch @coldclimate @stefano Microslop is slopping again
Show threadCybarbieMay 20
@dch @coldclimate @stefano all I can say is LOLOL AYY LMAO
Show threadevie!May 20
dear god, that's the lowest of low-hanging-fruit
Show threadКу 🇧🇬🇪🇺May 20
@coldclimate yes, apparently all (or at the very least a lot) of their source is up for sale right now 😄

@stefano
Show threadJustDude 🙋🏻‍♂️🫶🏼🕊️May 20

@stefano On,y using as a reference / sourcing site.
Hope the others like codeberg grow enormously in near future

https://mastodon.social/@Tweakers/116605753514619915

Show threadSpaceLifeFormMay 20

@stefano

It started when Microsoft bought them.

Show threadomarMay 20
@stefano And like for cloudflare, aws, your customer won't complain.
Show threadRoot MooseMay 20
@stefano So many auth keys improperly obscured now in the wild...