Data Breach | Bleeping Computer
8.5 — CRITICAL
GitHub links repo breach to TanStack npm supply-chain attack
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack. [...]
🤖 AI Briefing
Auto-generated threat analysis
🔍 Threat Overview
A malicious Nx Console extension was used in a supply-chain attack, compromising GitHub repositories and allowing the TeamPCP threat group access to internal code. The breach resulted from an employee installing the malicious extension without disclosing its name.
⚙️ Technical Details
Affected Systems
GitHub, TanStack npm packages, Mistral AI npm packages, UiPath, Guardrails AI, OpenSearch
Attack Vectors
Malicious Nx Console extension, compromised CI/CD credentials, stolen GitHub CLI (gh) credentials
💥 Impact Assessment
Severity: critical
Who Is at Risk
GitHub users, developers, and organizations using affected repositories and services
🛡️ Recommended Actions
1. Verify and update all installed VS Code extensions to ensure they are not malicious or compromised
2. Rotate critical secrets and monitor GitHub repository access for any follow-on activity
3. Implement additional security controls, such as two-factor authentication and code review processes, to prevent similar breaches
📦 Affected Products
Nx Console extension, GitHub repositories, TanStack npm packages, Mistral AI npm packages, UiPath, Guardrails AI, OpenSearch
Read the full article
This is a curated summary. The complete article is available at Bleeping Computer.
