Microsoft disabled 70+ of its repos on GitHub, including Azure-related tools like azure-functions-host, after hackers added credential-stealing malware to them
Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached …
Microsoft has shut down 70+ of its own repositories on GitHub after hackers pushed malware that would steal credentials from users of AI coding agents
Microsoft took the highly unusual step of shutting down more than 70 of its own GitHub repositories after hackers pushed malware …
GitHub links the breach of 3,800 internal repositories to the TanStack npm supply-chain attack, saying hackers used a malicious Nx Console VS Code extension
what else are we undercounting in the npm andDaniel Lockyer /@daniellockyer:Nooooo pleaseeeee Daily security incidents across the entire tech world right now 🫠Jeff Cross /@jeffbcross:@akses_0x00 @NxDe...
Socket: TeamPCP, the gang claiming GitHub's repositories breach, also executed 20 “waves” of supply chain attacks recently, compromising 500+ pieces of software
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
GitHub links the breach of 3,800 internal repositories to the TanStack npm supply-chain attack, saying hackers used a malicious Nx Console VS Code extension
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension …
GitHub confirms ~3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension; TeamPCP claims responsibility
GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension.
GitHub says it's investigating “unauthorized access” to its internal repositories, and there's no proof of customer data outside its repositories being impacted
We are investigating unauthorized access to GitHub's internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub's internal repositories (such...
A CISA contractor maintained a now-offline GitHub repo that exposed credentials to AWS GovCloud accounts and CISA systems; CISA is investigating the situation
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository …
A CISA contractor maintained a now-offline GitHub repo that exposed credentials to AWS GovCloud accounts and CISA systems; CISA is investigating the situation
Grafana says “an unauthorized party” accessed its GitHub environment and demanded a ransom “to prevent the release of our codebase”; Grafana refused to pay
Grafana has disclosed that an “unauthorized party” obtained a token that granted them the ability to access the company's GitHub environment and download its codebase.