AICRIER_2
OPEN FEED
YOU ARE VIEWING ONE ITEM FROM THE AICRIER FEED

Poisoned VS Code extension leaks GitHub code

AICrier tracks AI developer news across Product Hunt, GitHub, Hacker News, YouTube, X, arXiv, and more. This page keeps the article you opened front and center while giving you a path into the live feed.

EXPLORE LATEST FEEDSEE FEATURED PICKS

// WHAT AICRIER DOES

7+

TRACKED FEEDS

24/7

SCRAPED FEED

Short summaries, external links, screenshots, relevance scoring, tags, and featured picks for AI builders.

Poisoned VS Code extension leaks GitHub code
OPEN LINK ↗
// 14h agoSECURITY INCIDENT

Poisoned VS Code extension leaks GitHub code

ANNOUNCEMENTPRODUCTGITHUBPRODUCT HUNTX

Attackers exfiltrated 3,800 internal GitHub repositories after compromising an employee's device using a malicious VS Code extension. While internal source code was leaked, GitHub confirms no customer data or infrastructure was breached.

// ANALYSIS

This incident highlights the extreme vulnerability of the developer supply chain, where even security-mature companies like GitHub can be hit by malicious IDE extensions.

  • The use of a "poisoned" VS Code extension as an entry point bypasses many traditional perimeter defenses.
  • 3,800 repositories is a massive leak, likely including proprietary tooling and internal service logic.
  • The $50,000 asking price by TeamPCP suggests the attackers are looking for a quick payout rather than targeted long-term exploitation.
  • Rapid secret rotation is the right move, but the long-term risk of architectural knowledge leak remains high.
  • Developers should audit their own IDE extensions and consider stricter endpoint isolation for high-privilege accounts.
// TAGS
githubvs-codesecuritysupply-chainsecurity-incidentdevtoolextension

DISCOVERED

14h ago

2026-05-20

PUBLISHED

17h ago

2026-05-20

RELEVANCE

10/ 10

AUTHOR

claaams