> TritonInfoSec News
Home / May 22, 2026 / Story
0
#1 The Hacker News general May 21, 2026 at 04:27 UTC

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

By [email protected] (The Hacker News)

AI Summary

GitHub confirmed that threat actor TeamPCP breached its internal repositories by compromising an employee device via a poisoned version of the Nx Console VS Code extension (nrwl.angular-console), part of the TanStack npm supply-chain attack. Approximately 3,800 internal repositories were exfiltrated, though GitHub stated customer data was unaffected. This incident underscores the severe risk posed by malicious VS Code extensions and third-party developer tooling as an attack vector against high-value targets.

Read full article → https://thehackernews.com/2026/05/github-internal-…

Relevance score: 88.0/100

# More from May 22

  1. 2
    Microsoft Warns of Two Actively Exploited Defender Vulnerabilities The Hacker News
  2. 3
    9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros The Hacker News
  3. 4
    Max severity Cisco Secure Workload flaw gives Site Admin privileges BleepingComputer
  4. 5
    Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks The Hacker News
  5. 6
    Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada Krebs on Security
  6. 7
    Hackers bypass SonicWall VPN MFA due to incomplete patching BleepingComputer
  7. 8
    Chinese hackers target telcos with new Linux, Windows malware BleepingComputer
  8. 9
    European authorities take down prolific cybercrime VPN service CyberScoop
  9. 10
    7-Eleven confirms breach after ShinyHunters claims The Record