Chris Short
GitHub was compromised via a VSCode extension on an employee's machine. Yikes on bikes. https://x.com/github/status/2056949168208552080
GitHub (@github) on X

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version,

X (formerly Twitter)
May 20 at 11:09amWeb
Show threadMiron 🇪🇺May 20
@ChrisShort It’s always NPM 🥲
Show threadunit b4412c "clover"May 22
@ChrisShort absolutely love how i cant read this thread because X requires login. corporate communication at its finest.