FILTERING BY: CLEAR FILTER

GitHub Internal Repository Breach via Poisoned Nx VS Code Extension

A high-impact supply chain attack has compromised approximately 3,800 of GitHub's internal repositories. The breach originated from a poisoned version of the 'nrwl.angular-console' (Nx Console) Microsoft Visual Studio Code extension. By infiltrating a GitHub employee's development environment, the threat actor likely leveraged token-stealing mechanisms or a VS Code zero-day vulnerability to exfiltrate authentication tokens and access proprietary source code. The compromised data, including sensitive internal intellectual property, has reportedly been listed for sale on underground dark web forums. This incident highlights critical risks in developer tooling and the potential for secondary compromises through stolen credentials.

Hades Malware Campaign: AI-Driven Evasion in PyPI, npm, and RubyGems

The Hades campaign is a cross-registry supply chain attack targeting PyPI, npm, and RubyGems via the leaked Miasma toolkit. Attackers deploy malicious wheel artifacts and setup.pth files to exfiltrate CI/CD credentials and environment variables. The campaign utilizes an "AI Safety-Evasion Paradox," injecting terminology related to biological and nuclear weaponry into the codebase. This triggers safety guardrails in AI-based security scanners, forcing the models to terminate analysis to avoid policy violations, thereby creating a blind spot that allows the malicious payload to bypass detection. Impact includes 19 poisoned PyPI packages and approximately 304 affected software components across 73 GitHub repositories.


LINK COPIED TO CLIPBOARD