Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far,” GitHub stated. The source of the breach The company previously said that they have no evidence that customer information stored outside of GitHub’s internal repositories was … More →
The post TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension appeared first on Help Net Security.