GitHub says internal repos exfiltrated after poisoned VS Code extension attack
Summary
GitHub has reported a security incident in which internal source code repositories were exfiltrated through a poisoned Visual Studio Code extension. The attackers compromised a user's GitHub account to gain access to internal systems. An initial assessment indicates that customer data was not compromised, but users are concerned about the extent of the exfiltration.
IFF Assessment
The exfiltration of internal source code repositories represents a significant security compromise that could reveal proprietary information and potentially aid future attacks.
Defender Context
This incident highlights the critical importance of securing developer tools and supply chains. Defenders should be vigilant about the security of extensions and plugins used in their development environments and implement robust access controls and monitoring for internal repositories.