The attack vector was a malicious version of the popular Nx Console VS Code extension, used to steal developer secrets and credentials, compromise CI/CD pipelines, and exfiltrate private repositories. The article gives no CVE, CVSS score, affected version range, fixed version, or workaround for the compromised extension.
GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach GitHub suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer tool with 2.2 million installs. A malicious version of the otherwise benign extension was used to steal secrets and developer credentials, which were then used to move through CI/CD pipelines and exfiltrate around 3,800 of GitHub's private code repositories.

One missed token, many victims

The company …

The post "GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise" appeared first on Help Net Security.