GitHub hit by breach after malicious VS Code extension installed

GITHUB confirmed a breach affecting approximately 3,800 internal repositories due to a malicious Visual Studio Code (VS Code) extension installed by an employee. The compromised extension has been removed from the VS Code marketplace, and GitHub secured the affected device. The company stated that the incident involved the exfiltration of internal repositories and is aligned with the reported number of repositories compromised.