info on the github breach appears to only be available on xitter 🙄 , I fished it out for you.

#github

gonna gently push back that there's no reason (according to github's version of the story) to associate this with AI or with spectacular incompetence on the part of the employee; the issue is that industry standard, extremely widely used text editor Visual Studio Code has a big button that says "click here to add useful functionality to do your job" that has a 1% chance of installing ransomware

@0xabad1dea Or the extension was legitimate and got compromised (their use of the term "poisoned" makes me think that).

Supply chain attacks are on the rise; the best course of action is to admit when they happen, learn from them, and use those learnings to prevent it in the future.

@soviut @0xabad1dea Checkmarx (appsec company!) recently couldn't kick out the attackers for a month, so one of their recommended actions to clients was to disable auto-update of the Checkmarx extension in VSCode (which was poisoned)
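The last reply's mitigation (turn off extension auto-update) only helps if you also know which extension versions you expect to be installed. Below is an added example, not code from any poster in this thread nor from Checkmarx or Microsoft, of a small POSIX sh check that compares an installed-extension inventory against a pinned allowlist and reports anything unlisted or at an unexpected version. It assumes the inventory is in the `publisher.name@version` format printed by `code --list-extensions --show-versions`; all extension ids and versions in the sample data are constructed placeholders.

```shell
#!/bin/sh
# Added example: detect drift between installed VS Code extensions and a pinned allowlist.
# Inventory format assumed: one "publisher.name@version" per line, as printed by
# `code --list-extensions --show-versions`. Extension ids/versions below are constructed.

# check_extension_drift ALLOWLIST_FILE INVENTORY_FILE
# Returns 0 when every installed extension appears in the allowlist at the pinned
# version, 1 otherwise; prints one line per drifted entry.
check_extension_drift() {
    allowlist="$1"
    inventory="$2"
    drift=0
    # Redirecting into the loop (not piping) keeps $drift in the current shell.
    while IFS= read -r line; do
        [ -z "$line" ] && continue
        id="${line%@*}"
        ver="${line#*@}"
        if [ "$id" = "$line" ]; then
            echo "MALFORMED (no version): $line"
            drift=1
            continue
        fi
        # Exact-match the id on the left of '@' so that e.g. "a.b" never matches "xa.b".
        pinned=$(awk -F@ -v want="$id" '$1 == want { print $2; exit }' "$allowlist")
        if [ -z "$pinned" ]; then
            echo "NOT ALLOWLISTED: $line"
            drift=1
        elif [ "$pinned" != "$ver" ]; then
            echo "VERSION DRIFT: $id installed $ver, pinned $pinned"
            drift=1
        fi
    done < "$inventory"
    return $drift
}

# write_samples DIR -- constructed sample data so the check can be run offline.
# One extension has silently moved to a newer version and one is not on the list at all.
write_samples() {
    dir="$1"
    printf '%s\n' 'example.linter@1.4.0' 'example.theme@2.0.1' > "$dir/allowlist.txt"
    printf '%s\n' 'example.linter@1.4.0' 'example.theme@2.1.0' 'unknown.helper@0.0.9' > "$dir/inventory.txt"
}

# Demo run: `sh extcheck.sh --demo` (hypothetical filename).
# Against a live machine: code --list-extensions --show-versions > inventory.txt
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    write_samples "$tmp"
    check_extension_drift "$tmp/allowlist.txt" "$tmp/inventory.txt"
    echo "exit status: $?"
fi
```

The allowlist doubles as the pin set: once auto-update is off, a non-zero result from this check is the signal that something changed under you, whether by a user clicking Install or by an update path you had not accounted for.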