This is bad...

TL;DR

GitHub's internal repos were breached via a malicious VS Code extension, exposing Microsoft's systemic failure to secure its extension marketplace.

Key Points

• 1.GitHub confirmed unauthorized access to its internal repositories. An employee's device was compromised via a poisoned VS Code extension, leading to exfiltration of roughly 3,800 internal repos, with critical secrets rotated immediately after detection.
• 2.The attack vector was Microsoft's own VS Code extension marketplace. The NX console extension — with 2.2 million installs and a verified publisher badge — was compromised on May 18th; a malicious version was live for only 18 minutes on VS Marketplace and 36 minutes on Open VSX.
• 3.The root cause traces back to the broader Shyllet supply chain attack. A contributor's GitHub token was scraped in an earlier attack and used to publish the malicious NX console release, meaning attackers are still working through a giant pile of stolen credentials to find new exploits.
• 4.VS Code's auto-update mechanism is a direct push channel for malware. Updates fire within minutes of publishing via gallery sync — not just the 12-hour fallback timer — so any developer who opened the extension sidebar during the malicious window could have been infected automatically.
• 5.npm's trusted publishing fix is inadequate and misleading. The Tanstack compromise happened through trusted publishing itself, exploiting the 'pull_request_target' trigger to poison GitHub Actions caches — invalidating npm's claim that trusted publishing prevents these attacks.
• 6.Security firm Socket detected these attacks before Microsoft did, yet has no takedown button. Socket raised a $60M Series C at a $1B valuation — a 6% sale signaling financial strength — while npm and GitHub still haven't given them automated tooling to remove malicious packages.
• 7.The NX CEO accepted partial responsibility, but the host argues Microsoft is primarily at fault. Jeff Cross of Narwhal confirmed the GitHub breach involved the NX console extension and pledged security hardening, but the host insists Microsoft's platform failures — not open source maintainers — are the root problem.
• 8.Proposed fixes include staged rollouts, mandatory update audits, and a reversible publish flow. A 12-hour delay before auto-updates propagate, automated agent-based auditing of high-download packages, and a malicious-release notification system could have prevented this entire incident.