GitHub admits major source code leak after 3,800 internal repositories breached
Summary
GitHub has confirmed a significant security breach affecting approximately 3,800 internal repositories. Attackers gained access through a compromised employee device using a "poisoned" VS Code extension, leading to the exfiltration of source code.
IFF Assessment
FOE
This incident represents a significant loss of intellectual property and potential exposure of internal systems, which is detrimental to defenders.
Defender Context
This incident highlights the risks associated with supply chain attacks, particularly through software extensions and plugins. Defenders should scrutinize third-party code and extensions, implement robust credential management, and maintain vigilance for signs of unauthorized access within their development environments.
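One way to put the "scrutinize extensions" advice into practice is an allowlist audit of the editor extensions installed on developer machines. The script below is an added example, not code from the original page or from GitHub. It assumes extensions are unpacked as folders that each contain a `package.json` with `publisher`, `name` and `version` fields (the layout VS Code uses under its per-user extensions directory), and the allowlist entries and sample extensions are constructed.

```python
import json
import tempfile
from pathlib import Path

# Hypothetical allowlist: extension id -> approved versions (constructed values).
ALLOWLIST = {
    "example-corp.linter": {"1.4.2"},
    "example-corp.theme": {"2.0.0", "2.0.1"},
}

def read_manifest(ext_dir):
    """Return (id, version) from an extension's package.json, or None if unreadable."""
    try:
        data = json.loads((ext_dir / "package.json").read_text(encoding="utf-8"))
        return f"{data['publisher']}.{data['name']}".lower(), str(data["version"])
    except (OSError, ValueError, KeyError, TypeError):
        return None

def audit_extensions(root, allowlist):
    """Classify every extension folder under root against the allowlist."""
    findings = []
    for ext_dir in sorted(p for p in Path(root).iterdir() if p.is_dir()):
        manifest = read_manifest(ext_dir)
        if manifest is None:
            # A folder without a parseable manifest cannot be vetted, so flag it.
            findings.append((ext_dir.name, "unreadable-manifest"))
            continue
        ext_id, version = manifest
        if ext_id not in allowlist:
            findings.append((f"{ext_id}@{version}", "not-allowlisted"))
        elif version not in allowlist[ext_id]:
            # Known extension, but this release has not been reviewed.
            findings.append((f"{ext_id}@{version}", "unapproved-version"))
    return findings

def build_sample_root(root):
    """Create constructed extension folders for the demonstration."""
    samples = [("example-corp", "linter", "1.4.2"), ("example-corp", "theme", "2.1.0"),
               ("unknown-pub", "helper", "0.0.3")]
    for pub, name, ver in samples:
        d = Path(root) / f"{pub}.{name}-{ver}"
        d.mkdir(parents=True)
        (d / "package.json").write_text(json.dumps({"publisher": pub, "name": name, "version": ver}))
    (Path(root) / "broken.ext-0.1.0").mkdir()  # constructed folder with no manifest
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for item, reason in audit_extensions(build_sample_root(tmp), ALLOWLIST):
            print(f"{reason:20} {item}")
```

Pinning approved versions, not just extension names, matters here because a previously trusted extension can ship a malicious update.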