
Posted by Timofeibu 12 hours ago

GitHub confirms breach of 3,800 repos via malicious VSCode extension (www.bleepingcomputer.com)
Previous thread in sequence:

GitHub is investigating unauthorized access to their internal repositories - https://news.ycombinator.com/item?id=48201316 - May 2026 (321 comments)

515 points | 185 comments | page 4
sunshine-o 6 hours ago
Isn't 50k a bargain for what could potentially be in those files?

Maybe they looked it up and there wasn't anything interesting but then why take the risk for this kind of money?

Something doesn't make sense.

smashed 6 hours ago
The data has been stolen by a criminal group. Paying for "restoring" the data does not guarantee they will delete all copies. There is no way of proving they actually did and they have in fact very little incentive to actually delete it.

You have to take their words for it but how can you trust crooks?

tyre 6 hours ago
> You have to take their words for it but how can you trust crooks?

Because these are repeat actors. If they take a ransom and then re-sell it, no company will pay them ever again.

Don't think of experienced criminal enterprises as "groups of irrational scoundrels." They are companies, with employees, who understand game theory.

dylan604 5 hours ago
At some point, these people will come up with a ransom-as-a-service that you can subscribe to make monthly payments. It's no different than having to pay criminals monthly for security to prevent them from harming you themselves.
deckar01 5 hours ago
> this is not a ransom … Send your offers … we are not interested in under 50k…

It is a blind auction with a $50k minimum bid.

sunshine-o 4 hours ago
Sure but I meant I do find the minimum bid very low for such a high profile hack.
dude250711 4 hours ago
A good day not to be using Electronjs trash.
Gigachad 2 hours ago
Electron has nothing to do with the exploit here. A Vim plugin would have just as much ability to run malware.
jmclnx 6 hours ago
Another day another issue with Microsoft products, what else can be said :( At least they are being upfront these days.
jehnnysmith 3 hours ago
question is why are people still using vscode or coding by hand?
thrawa8387336 5 hours ago
Who uses GitHub in 2026