深潮TechFlow
深潮TechFlow|May 20, 2026 04:25
[GitHub Security Incident Investigation Update: Employee Targeted by Malicious VS Code Plugin, Approximately 3,800 Internal Repositories Stolen] Deep Tide TechFlow reports that on May 20, according to GitHub's official account (@github), a security incident was detected on May 20, 2026, caused by an employee's device being infected with a malicious VS Code extension. The attacker infiltrated the employee's device through the extension and successfully stole data from approximately 3,800 internal GitHub repositories. GitHub responded swiftly by removing the malicious extension version, isolating the infected endpoint, and completing critical credential rotations on the day of the incident and overnight, prioritizing sensitive credentials with high impact levels. Currently, GitHub is continuing to analyze logs, verify the results of the credential rotations, and monitor for subsequent abnormal activities. A full report will be released upon the completion of the investigation. GitHub stated that the incident is currently assessed to involve only the leakage of internal repository data, with no evidence indicating that user data has been affected.
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads