GitHub
-
techMalicious ‘TrapDoor’ Targets Crypto and AI Developers
A supply chain attack dubbed ‘TrapDoor’ deploys over 34 malicious packages targeting crypto, AI, and security developers.
-
techHacker Group TeamPCP Poisons Open Source Code at Unprecedented Scale
TeamPCP has breached GitHub and hundreds of firms via software supply chain attacks, using a self-spreading worm to steal credentials and data.
-
techGitHub Breach: Hacker Group Steals 3,800 Internal Repos via Poisoned VS Code Extension
GitHub confirmed a breach where a poisoned VS Code extension led to the exfiltration of 3,800 internal repositories. Customer data was not impacted.
-
techGitHub Breached: 3,800 Internal Repos Stolen via Poisoned VS Code Extension
TeamPCP compromised GitHub via a malicious VS Code extension, stealing source code for Actions, Copilot, and CodeQL, now sold for $50,000.
-
techGitHub Confirms Theft of 3,800 Internal Repos via Malicious VS Code Extension
A GitHub employee installed a poisoned VS Code extension, leading to the exfiltration of roughly 3,800 internal code repositories by hacker group TeamPCP.
-
techGitHub Probes Data Breach After Employee Device Hijacked via Malicious VS Code Extension
GitHub investigates unauthorized access to internal repositories after an employee device was compromised. Hacker group TeamPCP claims to have stolen 4,000 private repos.
-
cryptoLitecoin Foundation Discrepancy Over Recent Network Exploit
Litecoin's Mimblewimble Extension Block (MWEB) protocol faced a 13-block reorganization. The Foundation claims a zero-day exploit, but GitHub commit history suggests otherwise, indicating a privately patched vulnerability.
-
techAnthropic's DMCA Takedown Accidentally Targets Legitimate GitHub Forks
Anthropic's effort to remove leaked Claude Code source code led to overreach, catching legitimate public repositories in the sweep.