THREATNOIR
Subscribe
Back to Feed
Supply ChainMay 20, 2026

RT @DarkWebInformer: GitHub confirms they were compromised after an employee device involving a p...

GitHub confirms compromise via poisoned VS Code extension on employee device.

Read at source

Summary

GitHub has confirmed a security incident involving compromise of an employee device through a malicious VS Code extension. The attack represents a supply chain compromise vector targeting developer tools. This incident highlights the risk of poisoned development environment tooling used by major platform administrators.

Indicators of Compromise

  • malware — poisoned VS Code extension

Entities

GitHub (vendor)VS Code (product)Microsoft (vendor)VS Code extensions (technology)