Tech Times

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on Microsoft’s official Visual Studio Marketplace for just 18 minutes on May 18 — gave threat group TeamPCP enough access to exfiltrate approximately 3,
PCMag on MSN

Hackers infiltrate GitHub by compromising employee device

GitHub traced the breach to a malicious version of a Visual Studio Code extension, underscoring the threat of hackers manipulating popular developer tools.
Infosecurity Magazine

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace

Inside the GitHub Breach: The suspicious extension that exposed internal repositories and what went wrong

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a malicious VS Code extension and claimed by the Team PCP hacking group
Visual Studio Magazine

The Next Generation of Developer Productivity with GitHub Copilot and Visual Studio

Simona Liao and Leah Tran, product managers at Microsoft, discuss how GitHub Copilot in Visual Studio has evolved from a code completion tool into an agent-driven development workflow -- and share practical tips for developers and teams looking to integrate AI into their everyday processes.