ChainCatcher report: GitHub has updated its investigation details regarding the unauthorized access incident to internal repositories: Yesterday, GitHub detected and contained an incident involving a compromised employee device, which was infected via a malicious VS Code extension. GitHub removed the malicious extension, isolated affected endpoints, and immediately initiated its incident response. Current assessments indicate that data exfiltration occurred only from GitHub’s internal repositories; the attacker’s claim of approximately 3,800 repositories aligns closely with the investigation findings. GitHub has prioritized rotating critical credentials, is analyzing logs, verifying credential rotation, and monitoring for further activity, and will release a full report upon completion of the investigation. Additionally, 23pds, Chief Information Security Officer at SlowMist, posted regarding this incident: “Analyzing leaks on cybercrime forums suggests that hackers may have used Anthropic’s Mythos security AI to precisely breach GitHub’s defenses and steal around 4,000 core internal repositories containing source code for Copilot, CodeQL algorithms, Actions runtime, and the entire billing system. Further analysis of this code could enable additional attacks and have profound security implications for the broader open-source community.”
GitHub Updates Security Incident: Employee Device Compromised via Malicious VS Code Extension
ChaincatcherShare
Summary
GitHub confirmed that an employee device was compromised through a malicious VS Code extension, potentially leading to data exfiltration from internal repositories. The attacker claimed access to 3,800 repositories, consistent with early findings. GitHub has rotated credentials and is monitoring for additional suspicious activity. Security experts suggest the breach may have involved advanced AI tools, possibly targeting core systems such as Copilot and billing. Traders analyzing support and resistance levels in crypto markets may need to adjust their strategies in light of heightened security concerns.
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.