Discussion

• @couts Andrew Couts on bluesky

  NEW: This week's GitHub breach is just the latest in a string of at least 20 software supply chain attacks carried out by the hacker group TeamPCP. @agreenberg.bsky.social and @lhn.bsky.social report: www.wired.com/story/teampc...

• @AnnaAnthro@mastodon.social Anna Anthro on mastodon

  A #Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale |  WIRED  —  “ #GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.”  —  https://www.wired.com/...

• @jeffbcross Jeff Cross on x

  We're continuing to work with Microsoft and GitHub to investigate the impact of the malicious Nx Console version 18.95.0. I'll share any updates on X (@jeffbcross and @NxDevTools) as well as in our security advisory: https://github.com/.... Initially, Microsoft indicated to us

• @akses_0x00 @akses_0x00 on x

  Github hack was via this extension nrwl.angular-console VSIX Starting to get detected by more than just VT now https://www.virustotal.com/... https://opensourcemalware.com/ ...

• @nxdevtools @nxdevtools on x

  SECURITY ADVISORY: A malicious version of Nx Console v18.95.0 was published today at 2:36 PM CEST and was available for 11 minutes, until 2:47 PM CEST, when we patched the issue. Nx Console v18.100.0 is the latest safe version to use. More info: https://github.com/...

• @dartilesm Diego Artiles on x

  The Nx team is being transparent. Genuinely. But “28 installs per Microsoft” vs “6000 activations per our analytics” is a hell of a gap for one supply-chain weekend. If download stats are that wrong for a 2.2M-install extension — what else are we undercounting in the npm and

• @daniellockyer Daniel Lockyer on x

  Nooooo pleaseeeee Daily security incidents across the entire tech world right now 🫠

• @jeffbcross Jeff Cross on x

  @akses_0x00 @NxDevTools We published the detailed security advisory on GitHub and posted about it on X and Discord immediately after patching on Monday. I'm actually still waiting for confirmation from GitHub that Nx Console was the unnamed VSC extension in their postmortem, but …

• @mattjay Matt Johansen on x

  Looks like this is the extension that popped GitHub. So the hackers used the same MO as npm worm - but instead of a wormy boy - they pushed a malicious VS Code extension out. Nx Console says they see evidence of ~6k downloads of the malware.

• @vxunderground @vxunderground on x

  [image]

• @sigkitten @sigkitten on x

  this garbage tool got compromised AGAIN

• @andyjabbour Andy Jabbour on bluesky

  2026 is awesome.  '"We are here today to advertise GitHub's source code and internal orgs for sale," TeamPCP wrote on BreachForums... “Everything for the main platform is there..."' new from @agreenberg.bsky.social & @lhn.bsky.social in @wired.com www.wired.com/story/teampc... @g…

• @stephenturner.us Stephen Turner on bluesky

  A VS Code extension waltzes into GitHub and runs out with 3,800 internal repositories. github.blog/security/inv...  [embedded post]

• @campuscodi@mastodon.social Catalin Cimpanu on mastodon

  The Nx Dev Tools CEO confirms that his company's Nx Console VS Code extension served as the initial entry point for the GitHub repo hack: https://x.com/...  Nx incident: https://github.com/...  Step Security report: https://www.stepsecurity.io/ ...

• r/technology r on reddit

  A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

• r/pwnhub r on reddit

  A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

• r/cybersecurity r on reddit

  GitHub links repo breach to TanStack npm supply-chain attack

• r/blackhat r on reddit

  A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale