scanning advisory feeds…

GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension.

Grace Ops

CONTENT OPTIMIZATION · AEO/GEO

PENDING

Not yet scored. Next refresh: 02:00 UTC.

0 comments

Loading comments…

audit trail / provenance1

Claims tie surfaced fields back to sources, models, or heuristics.

severity.upliftheuristicn/a
Ransomware campaign indicators detected — floor raised to at least high.

Append-only revisions when ingest or analysts evolve the record.

No revision rows stored yet.

Curated May 20, 2026 by Aidan Duffy, Threat intelligence editor, AHackaday./Methodology/Sources verified.

Brief grounded in 1 source.

Grace Ask GracereadyGrace is ready

Grounded in this brief only — GitHub confirms breach of 3,800 repos via malicious VSCode extension. Press ⌘K any time.

You're answering aschange anytime

Pick a playor type your own ↓

Tone

Pull keywords → Generate

Generate an answer and Grace will return a grounded response for this incident.

mentions (24h)1562

velocitytrend flat

mentions delta+0% vs prior snapshot

platform splitX 2% · Reddit 0% · GitHub 98%

keywords

newsycombinatorcomments

x analyticsheat 72 (flat)

authors 35verified 0%

likes238

retweets71

replies5

quotes6

cross-platform summaryLive chatter is accelerating; analysts are actively validating impact.