GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

Published: 2 weeks ago (May 21, 2026 at 12:27 AM EDT)

1 min read

Source: The Hacker News

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension.

The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its developers’ systems was hacked in the

Back to Blog

GitHub confirms breach of 3,800 repos via malicious VSCode extension

!https://www.bleepstatic.com/content/hl-images/2026/05/20/GitHub.jpg Incident Overview GitHub confirmed that roughly 3,800 internal repositories were breached a...

GitHub links repo breach to TanStack npm supply-chain attack

markdown !https://www.bleepstatic.com/content/hl-images/2026/05/21/GitHub_headpic.jpg GitHub says the hackers who breached 3,800 internal repositories gained ac...

Investigating unauthorized access to GitHub’s internal repositories

Incident Overview On Monday May 18, we detected and contained a compromise of an employee device involving a poisoned VS Code extensionhttps://github.com/nrwl/...

GitHub's Internal Repos Breached Via Employee's Use of Malicious VS Code Extension

Incident Overview Longtime Slashdot reader Himmy32 reports that GitHub announced on X that its internal repositories were breached through a compromised VS Cod...

Related posts

GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub links repo breach to TanStack npm supply-chain attack

Investigating unauthorized access to GitHub’s internal repositories

GitHub's Internal Repos Breached Via Employee's Use of Malicious VS Code Extension