According to GitHub official (@github), on May 20, 2026, GitHub detected a security incident triggered by employee devices being compromised through a malicious VS Code extension. The attackers exploited this extension to infiltrate employee devices and successfully exfiltrate data from approximately 3,800 internal GitHub repositories. GitHub responded swiftly by removing the malicious extension version, isolating infected endpoints, and rotating critical credentials on the day of the incident and overnight, prioritizing high-impact sensitive credentials. GitHub is currently continuing to analyze logs, verify the effectiveness of credential rotation, and monitor for any subsequent anomalous activity; a full report will be published upon completion of the investigation. GitHub has stated that, based on current assessments, this incident involved only the exposure of internal repository data, with no evidence indicating user data was affected.
GitHub Confirms Security Incident: Malicious VS Code Plugin Compromises 3,800 Internal Repositories
TechFlowShare
Summary
GitHub confirmed a security breach on May 20, 2026, after a malicious VS Code extension infected an employee’s device. Attackers accessed approximately 3,800 internal repositories. The company removed the extension, isolated affected devices, and rotated credentials on the same day. GitHub is now analyzing logs and monitoring for additional issues. The incident appears limited to internal data, with no user data compromised. This on-chain news underscores ongoing cybersecurity challenges in the technology sector.
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.