GitHub泄露事件追溯到被投毒的开发者工具
Read, Watch or Listen
On May 24, 2026, Microsoft-owned GitHub confirmed that an external threat group, identified as TeamPCP, compromised parts of its internal codebase through a software supply chain attack. According to GitHub and independent security researchers, the intrusion was traced to a malicious update of the widely used Visual Studio Code extension "Nx Console," which had about 2.2 million installations. The tainted extension, distributed through official channels, executed code on developers’ machines to exfiltrate GitHub session tokens, credentials, and configuration files. Using these stolen credentials, attackers accessed private repositories and pivoted into GitHub’s internal infrastructure. GitHub’s CISO said an internal investigation began immediately after detecting anomalous activity.
Prepared by Jonathan Pierce and reviewed by editorial team.
Timeline of Events
- 2026年初,Nx Console 被广泛采用
- 2026年初,攻击者渗透扩展项目
- 2026年初,中毒的 Nx Console 更新发布
- 2026年初,开发者安装恶意扩展更新
- 2026年初,payload 窃取 GitHub 访问凭据
- 2026年初,攻击者转向 GitHub 基础设施
- 2026年5月24日,GitHub 确认内部代码库泄露
- 2026年5月24日,CISO 宣布正在进行违规调查
Why This Matters to You
此次泄露事件会影响您的隐私和安全。如果您是使用 GitHub 的开发者,您的代码和凭证可能面临风险。请检查您的扩展程序,特别是 Nx Console,以防范任何可疑的更新。将此信息转发给您的编程朋友会很有帮助。
The Bottom Line
一个有毒的工具破坏了GitHub的内部代码库。攻击者利用了一个被污染的扩展程序窃取了凭证并访问了私人存储库。GitHub正在调查此事,但全部影响尚不清楚。请留意您的账户,保持警惕。
- Articles Published:
- 1
- Right Leaning:
- 0
- Left Leaning:
- 0
- Neutral:
- 1
- Distribution:
- Left 0%, Center 100%, Right 0%
源文件中未指定。
源文件中未指定。
Coverage of Story:
From Left
No left-leaning sources found for this story.
From Right
No right-leaning sources found for this story.
Comments