GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension.
Follow up to https://lemmy.zip/post/64666730
You must log in or # to comment.
For anyone who just read the title, it was repositories of the GitHub source code itself that were breached. Not private repositories belonging to users.
You think an org like github/Microsoft would be running extension allow lists on vscode.
