The Information Machine

GitHub just confirmed that attackers stole about 3,800 internal repositories after a poisoned VS Code extension compromi…

Rohan Paul Twitter · Rohan Paul (@rohanpaul_ai) · 2026-05-20

GitHub confirmed that attackers stole approximately 3,800 internal repositories after a malicious VS Code extension compromised a single employee device in a supply chain attack.

Open original ↗

Extraction

Topics: supply-chain-attackgithub-securitydeveloper-tools-security

Claims

  • Attackers stole roughly 3,800 GitHub internal repositories.
  • The attack was carried out via a poisoned VS Code extension that compromised one employee device.
  • Customer repositories were not affected; only GitHub's own internal code was stolen.
  • Leaked internal code can expose architectural designs and system secrets even without direct customer data.

Key quotes

"The reported blast radius is GitHub's own internal code, not customer repositories, but leaked internal code can still expose design..."