GitHub breach exposes 3,800 private repos via poisoned VS Code tool
A compromised VS Code extension on a single GitHub employee's device led to the theft of nearly 3,800 internal repositories. The attack, linked to North Korea-backed hackers, underscores the growing sophistication of supply chain worms targeting developer tools.