CPO Magazine

GitHub Hacker Claims Security Breach Involved About 4,000 Internal Repositories, Takes Bids on Stolen Data

On May 19 GitHub confirmed the security breach across its social media channels, verifying that there was unauthorized access to internal repositories and stating that it was monitoring the situation ...
SiliconANGLE

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension

Hackers exfiltrated roughly 3,800 of GitHub Inc.’s internal code repositories after one of its employees installed a poisoned Visual Studio Code extension, the Microsoft Corp.-owned developer platform ...
Security Boulevard

The TanStack Breach and the Fragility of Trusted Code

On May 11, 2026, several TanStack packages on npm were briefly replaced with malicious versions, raising fresh concerns about how attackers can use trusted open-source software to reach developer ...
Infosecurity Magazine

Grafana Labs Says Code Breach Stemmed from TanStack Attack

A popular developer of open source analytics software has revealed that a recent data breach and extortion incident was caused by the Mini Shai-Hulud campaign which compromised TanStack packages.
Bleeping Computer

GitHub links repo breach to TanStack npm supply-chain attack

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack.