GitHub

Most discussion centers on major GitHub-related security incidents: malicious CI/CD commits and cache poisoning, plus a breach of 3,800 internal GitHub repositories via a poisoned VS Code extension. Separate coverage links GitHub to other supply-chain issues like TanStack npm attacks and compares fallout details across outlets.

Activity score 3.1 · steady · 3d
Peak score 15.2 · 3d window
Sentiment · Negative
11 Sources · 13 signals
Last updated · next ~17:00
First on radar · 3d
Key Takeaway · Treat CI workflows, cache, and dev tooling as high-risk: attacker-supplied changes can look like routine bot activity and impact thousands of repos.
AI summary · grounded in cited sources
CI/CD compromise VS Code extension attack Supply-chain injection
Negative 12/100
Briefing Findings

Story-specific findings extracted from this briefing's coverage.

Malicious repos timeframe · 5,561 GitHub repos hit with malicious CI/CD commits in 6 hours
Malicious extension impact · 3,800 internal GitHub repositories accessed via poisoned VS Code plugin
Bot-like disguise · Injected commits looked exactly like routine bot maintenance
Cache issue · GitHub Actions Cache Poisoning described as “eating open source”

What to Watch

  • Check for indicators of compromise by reviewing CI/CD workflow and injected commit activity from the last 6 hours window. · BleepingComputer
  • Verify whether any VS Code extensions were installed that could map to the poisoned-plugin timeline affecting 3,800 repos. · BleepingComputer
  • Follow ongoing reporting on GitHub Actions cache poisoning and mitigation guidance for open-source pipelines. · r/netsec

What Changed

  • 5,561 GitHub repos got malicious CI/CD commits injected in 6 hours. The commits looked exactly like routine bot maintenance. Here is what happened and how to check if you were hit. · BleepingComputer
  • Megalodon: Mass GitHub Repo Backdooring via CI Workflows · safedep.io
  • GitHub confirms breach of 3,800 repos via malicious VSCode extension · bleepingcomputer.com

Source-backed brief · 3 articles across 3 publications

Latest from across the web

External coverage we have crawled and indexed for this topic.

bleepingcomputer.com

GitHub links repo breach to TanStack npm supply-chain attack

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack.

2d ago Sergiu Gatlan
guru3d.com

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security risks surrounding modern development environments.

1d ago Hilbert Hagedoorn
techcrunch.com

GitHub says hackers stole data from thousands of internal repositories | TechCrunch

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.

2d ago Zack Whittaker
bleepingcomputer.com

GitHub investigates internal repositories breach claimed by TeamPCP

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed approximately 4,000 repositories containing private code.

3d ago Sergiu Gatlan
neowin.net

Microsoft launches GitHub Copilot app to supercharge agentic development

Microsoft is evolving the developer workflow with a dedicated environment for GitHub Copilot. See how you can join the technical preview today.

3d ago Paul Hill
igorslab.de

GitHub Copilot Cloud Agent gets budget models: less cannon, more …

GitHub is expanding the Copilot Cloud Agent with two faster and cheaper model options.

3d ago Samir Bashir

What each outlet is saying

Source-by-source view of what publications and communities are surfacing right now.

r/netsec Community · 1 article

Tracking: [Analysis] CISA contractor left AWS GovCloud admin keys, plaintext passwords, SAML certs, and Kubernetes configs on a public GitHub repo for 183 days — with secret scanning deliberately disabled / GitHub Actions Cache Poisoning is eating open source


People also ask

Common questions on GitHub, surfaced from across the indexed web.

What is GitHub Copilot CLI interactive mode?

Interactive mode is a back-and-forth, chat-like experience. When you launch Copilot CLI with Copilot, you’re already in interactive mode—that’s the default. Non-interactive mode is a separate option for when you want a quick, one-off answer without entering a session. (More on non-interactive mode later!) In interactive mode, you can ask GitHub Copilot a question, review its response, and then either follow up with questions or another prompt—all within the same session. This is the mode for those who want to work hands-on with Copilot and iterate as you go. Here’s how to enter interactive mod

GitHub Copilot CLI for Beginners: Interactive v. non-interactive mode
What is GitHub Copilot CLI non-interactive mode?

On the other hand, non-interactive mode is designed for speed and simplicity. Instead of having to enter a full session, you pass a single prompt right in the command line and get a response almost immediately, without needing to follow up with Copilot. Designed as an in-line experience, this mode is perfect for quick, one-shot prompts like summarizing a repository, generating code snippets, or plugging Copilot into automated workflows, without leaving your shell context. Once you get an answer, you’re right back in your terminal flow. Here’s how to enter non-interactive mode: Start at the reg

GitHub Copilot CLI for Beginners: Interactive v. non-interactive mode
What is the header?

Setting X-GitHub-Stateless-S2S-Token on a POST /app/installations/:installation_id/access_tokens request overrides the server-side rollout decision for that single request.

Header value · Effect
enabled · Returns a stateless (JWT-format) token, regardless of where you are in the rollout.
disabled · Returns a stateful (classic opaque) token, even if your integration is already included in the rollout.
(absent) · Normal rollout behavior (i.e., no override).
Any other value (true, false, 1, 0, etc.) · Silently ignored and given the standard rollout behavior.

The header is supported on the POST /app/i

GitHub App installation tokens: Per-request override header - GitHub Changelog
What is procedural generation?

Procedural generation (or “procgen” as the cool kids call it) is a way of creating content algorithmically instead of designing it by hand. In games, that usually means levels, maps, enemies, or items are generated at runtime using a set of rules plus a bit of randomness. So instead of designing one dungeon, you design a system that generates many. That’s what gives roguelikes their replayability:

  • Every run is different
  • Layouts change every time
  • Something Something

In GitHub Dungeons, that system is tied to your repo. The layout is seeded by your latest commit, so the same code produces the

Dungeons & Desktops: Building a procedurally generated roguelike with GitHub Copilot CLI