GitHub says internal repos exfiltrated after poisoned VS Code extension attack (opens in new tab)

Covers 2 stories including Forgejo: A self-hosted lightweight software forgeCovered by 3 sources including Andrew Nesbitt, kite.kagi.com

Around 3,800 repositories of GitHub internal code have been exfiltrated, company rotates credentials as devs ponder the implications

Read the original article

Sign in to keep reading the full article.

Covered in 4 articles

Andrew Nesbitt·

This Week in Package Management: 23 May 2026

kite.kagi.com·

GitHub says poisoned extension exposed 3,800 internal repositories

GitHub says malicious VS Code extension compromised 3,800 internal repositories