GitHub confirms hackers stole data from 3,800 internal repositories in a recent breach (opens in new tab)

attackers accessed data from around 3,800 internal repositories after compromising an employee device. The breach was traced to a poisoned version of the nrwl.angular-console extension, which is associated with the Nx Console project. there is no evidence that customer data outside its internal repositories was affected, though the company is still investigating and will notify customers if any impact is confirmed. The malicious extension was available for only 18 minutes on May 18, 2026, but...