Crossposted from this Lemmy post
Full quote of @github’s thread on X:
We are sharing additional details regarding our investigation into unauthorized access to GitHub’s internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far.
We moved quickly to reduce risk. Critical secrets were rotated yesterday and overnight with the highest-impact credentials prioritized first.
We continue to analyze logs, validate secret rotation, and monitor for any follow-on activity. We will take additional action as the investigation warrants.
We will publish a fuller report once the investigation is complete.
Perfect showcase of Microsoft security.
I mean, any organization can have a random guy install some crap on their PC. Humans are often the weakest link. I am not a Microsoft fanboy and usually despise them, but in this case it looks like they are clearly communicating and performing the right steps.
Hate them when they deserve it, because they usually do. Here nothing points to something nefarious besides the attack itself.