PulseAugur
实时 05:59:34
English(EN) GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

TeamPCP黑客通过恶意VS Code扩展入侵GitHub内部代码库

作者 PulseAugur 编辑部 · [10 个来源] ·

黑客组织TeamPCP已入侵GitHub的内部代码库,一名GitHub员工安装了恶意VS Code扩展后,可能导致源代码泄露。该组织声称已窃取约3800个代码库,并试图以至少5万美元的价格出售被盗数据,威胁称若无买家将公开泄露。此次事件是针对开发者工具和生态系统的软件供应链攻击日益增多的趋势的一部分。 AI

影响 凸显了针对AI开发者工具和生态系统的供应链攻击风险日益增加,可能导致敏感代码和凭证泄露。

排序理由 一个广泛使用的开发者平台发生重大安全事件,涉及潜在的源代码盗窃和勒索企图。

在 Forbes — Innovation 阅读 →

AI 生成摘要 · Google Gemini · 来自 10 个来源。 我们如何撰写摘要 →

TeamPCP黑客通过恶意VS Code扩展入侵GitHub内部代码库

报道来源 [10]

  1. Forbes — Innovation TIER_1 English(EN) · Davey Winder, Senior Contributor ·

    GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

    A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.

  2. Tom's Hardware TIER_1 English(EN) · Etiido Uko ·

    Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims source code theft and attempts $50,000 sale, employee installed malicious VS Code extension

    GitHub has confirmed a breach involving roughly 3,800 internal repositories after an employee device was compromised through a malicious VS Code extension. The TeamPCP hacker group claims it stole internal source code and attempted to sell the data for at least $50,000.

  3. Tom's Hardware TIER_1 English(EN) · Etiido Uko ·

    Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'mini Shai Hulud' malware infection — supply-chain campaign spreads across npm and AI developer ecosystems like wildfire

    Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link related npm compromises affecting TanStack and Mistral SDKs to the broader “Mini Shai-Hulud” supply-chain campaign.

  4. The Register — AI TIER_1 English(EN) ·

    Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub

    Where it’s been well and truly forked, seemingly without Microsoft’s code locker noticing

  5. Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] ·

    Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims sourc… GitHub has confirmed a breach involving roughly 3,800

    Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims sourc… GitHub has confirmed a breach involving roughly 3,800 internal repositories after an employee device was compromised through a malicious VS Code extension. The TeamPCP hacke…

    链接 tomshardware.com/…/hacker-group-hits-3-80… tomshardware.com/tech-industry
  6. Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] ·

    📰 A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of sof

    📰 A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations. 📰 Source: Feed: All Latest 🔗 Archive: https://we…

    链接 web.archive.org/…/teampcp-software-supply… web.archive.org
  7. Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] ·

    TeamPCP claims it breached Mistral AI while the company confirms impact from the TanStack supply chain attack involving malicious NPM and PyPI packages. Mistral

    TeamPCP claims it breached Mistral AI while the company confirms impact from the TanStack supply chain attack involving malicious NPM and PyPI packages. Mistral says there’s currently no evidence of an internal infrastructure breach. https://www. technadu.com/teampcp-claims-mi st…

    链接 technadu.com/…/627870
  8. Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] ·

    Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'min… Microsoft says attackers compromised the mistralai Py

    Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'min… Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link related npm compromises affecting TanStack and M…

    链接 tomshardware.com/…/compromised-mistral-ai… tomshardware.com/tech-industry
  9. Mastodon — fosstodon.org TIER_1 Português(PT) · [email protected] ·

    Massive attack hits Mistral AI, UiPath, and TanStack npm and PyPI packages 🔗 https://tugatech.com.pt/t83314-ataque-massivo-atinge-pacotes-npm-e-pypi-da-mistral

    Ataque massivo atinge pacotes npm e PyPI da Mistral AI, UiPath e TanStack 🔗 https:// tugatech.com.pt/t83314-ataque- massivo-atinge-pacotes-npm-e-pypi-da-mistral-ai-uipath-e-tanstack # ai # ataque # mistral

    链接 tugatech.com.pt/t83314-ataque-massivo-ati…
  10. Mastodon — mastodon.social TIER_1 Čeština(CS) · liliumf ·

    🔥 TRENDING 📢 GitHub Employee Installed Malware into VS Code, Hackers Immediately Stole 3,800 Internal Repositories - Cnews.cz 🔗 https://news.google.com/

    🔥 TRENDING 📢 Zaměstnanec GitHubu si nainstaloval malware do VS Code, hackeři okamžitě vykradli 3 800 interních repozitářů - Cnews.cz 🔗 https:// news.google.com/rss/articles/C BMi0gFBVV95cUxOektPaGZfLXBWa2VITlNWd1Y3dFo5R2NKNE5jTS1EUndIRGlpV0hmQlJFRVBrem1ham43dXlHV2VvejFqZnB4ekFFT2…

    链接 news.google.com/…/CBMi0gFBVV95cUxOektPaGZ…

相关实体

相关话题