GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
Memeburn

Hackers Steal 3,800 GitHub Repos Through Fake VS Code Extension

GitHub says hackers stole about 3,800 internal repos after a poisoned VS Code extension hit an employee device ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
Neowin

GitHub Copilot is now available for free in VS Code

To get past the above limitations, developers can subscribe to the GitHub Copilot Pro subscription, which costs $10/month. Microsoft also mentioned that this new GitHub Copilot Free pricing tier with ...
Neowin

Microsoft wants everyone to code faster as GitHub Copilot in VS Code now generally available

Back in 2021, right around the time when Windows 11 started becoming a real thing, Microsoft introduced GitHub Copilot as an extension for Visual Studio Code (VS Code). Over time, GitHub Copilot for ...