/topics/github-unauthorized-access-investigation

GitHub unauthorized access investigation

4 items●1 sources●updated 27d ago●trend 0

┌─ summary ─────────────────────────────┐

GitHub is investigating unauthorized access to internal repositories, with the Nx Console VS Code extension identified as the initial attack vector. The breach exposed sensitive credentials, including CISA secrets found in public repositories.

┌─ key points ──────────────────────────┐

Nx Console VS Code extension served as entry point for unauthorized access
GitHub internal repositories were compromised during the incident
CISA credentials were exposed and discovered in public GitHub repositories
Investigation began around May 19-20, 2026

┌─ items (4) ───────────────────────────┐

[HN]hacker news4

Nx Console VS Code extension was the initial access vector in the GitHub breach

HN: GPT · vldszn · ▲6 · 27d

Compromised Nx Console

HN: GPT · 0xedb · ▲3 · 27d

GitHub is investigating unauthorized access to their internal repositories

HN: GPT · splenditer · ▲246 · 28d

N display of stupid, secret CISA credentials found in public GitHub rep

HN: GPT · sbulaev · ▲3 · 28d