PulseAugur
实时 01:38:53
English(EN) GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

TeamPCP黑客通过恶意VS Code扩展入侵GitHub内部代码库

黑客组织TeamPCP已入侵GitHub的内部代码库,一名GitHub员工安装了恶意VS Code扩展后,可能导致源代码泄露。该组织声称已窃取约3800个代码库,并试图以至少5万美元的价格出售被盗数据,威胁称若无买家将公开泄露。此次事件是针对开发者工具和生态系统的软件供应链攻击日益增多的趋势的一部分。 AI

影响 凸显了针对AI开发者工具和生态系统的供应链攻击风险日益增加,可能导致敏感代码和凭证泄露。

排序理由 一个广泛使用的开发者平台发生重大安全事件,涉及潜在的源代码盗窃和勒索企图。

在 Forbes — Innovation 阅读 →

AI 生成摘要 · Google Gemini · 来自 10 个来源。 我们如何撰写摘要 →

TeamPCP黑客通过恶意VS Code扩展入侵GitHub内部代码库

报道来源 [10]

  1. Forbes — Innovation TIER_1 English(EN) · Davey Winder, Senior Contributor ·

    GitHub称3800个代码库遭入侵—TeamPCP黑客索要5万美元

    A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.

  2. Tom's Hardware TIER_1 English(EN) · Etiido Uko ·

    黑客组织通过有毒的开发者插件攻击了3800个内部GitHub存储库 — TeamPCP声称窃取源代码并试图以5万美元出售,员工安装了恶意的VS Code扩展

    GitHub has confirmed a breach involving roughly 3,800 internal repositories after an employee device was compromised through a malicious VS Code extension. The TeamPCP hacker group claims it stole internal source code and attempted to sell the data for at least $50,000.

  3. Tom's Hardware TIER_1 English(EN) · Etiido Uko ·

    受损的 Mistral AI 和 TanStack 包可能在“迷你沙赫鲁德”恶意软件感染中暴露 GitHub、云和 CI/CD 凭据 — 供应链攻击像野火一样蔓延到 npm 和 AI 开发人员生态系统

    Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link related npm compromises affecting TanStack and Mistral SDKs to the broader “Mini Shai-Hulud” supply-chain campaign.

  4. The Register — AI TIER_1 English(EN) ·

    恶意软件团伙TeamPCP在GitHub上开源其Shai-Hulud蠕虫

    Where it’s been well and truly forked, seemingly without Microsoft’s code locker noticing

  5. Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] ·

    黑客组织通过有毒开发者插件攻击了3800个内部GitHub存储库 — TeamPCP声称来源…… GitHub已确认涉及约3800个存储库的泄露

    Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims sourc… GitHub has confirmed a breach involving roughly 3,800 internal repositories after an employee device was compromised through a malicious VS Code extension. The TeamPCP hacke…

  6. Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] ·

    📰 一个黑客组织正以前所未有的规模污染开源代码 GitHub 只是 TeamPCP 帮派的最新受害者,该帮派已进行了一系列软件攻击

    📰 A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations. 📰 Source: Feed: All Latest 🔗 Archive: https://we…

  7. Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] ·

    TeamPCP声称已攻破Mistral AI,该公司确认受到TanStack供应链攻击影响,涉及恶意NPM和PyPI软件包。Mistral

    TeamPCP claims it breached Mistral AI while the company confirms impact from the TanStack supply chain attack involving malicious NPM and PyPI packages. Mistral says there’s currently no evidence of an internal infrastructure breach. https://www. technadu.com/teampcp-claims-mi st…

  8. Mastodon — fosstodon.org TIER_1 English(EN) · [email protected] ·

    被攻破的 Mistral AI 和 TanStack 包可能在“min… Microsoft 表示攻击者已攻破 mistralai Py

    Compromised Mistral AI and TanStack packages may have exposed GitHub, cloud and CI/CD credentials in 'min… Microsoft says attackers compromised the mistralai PyPI package with malware that executed on import, while researchers link related npm compromises affecting TanStack and M…

  9. Mastodon — fosstodon.org TIER_1 Português(PT) · [email protected] ·

    Massive attack hits Mistral AI, UiPath, and TanStack npm and PyPI packages

    Ataque massivo atinge pacotes npm e PyPI da Mistral AI, UiPath e TanStack 🔗 https:// tugatech.com.pt/t83314-ataque- massivo-atinge-pacotes-npm-e-pypi-da-mistral-ai-uipath-e-tanstack # ai # ataque # mistral

  10. Mastodon — mastodon.social TIER_1 Čeština(CS) · liliumf ·

    🔥 热门 📢 GitHub 员工将恶意软件植入 VS Code,黑客立即窃取了 3,800 个内部代码库 - Cnews.cz 🔗 https://news.google.com/

    🔥 TRENDING 📢 Zaměstnanec GitHubu si nainstaloval malware do VS Code, hackeři okamžitě vykradli 3 800 interních repozitářů - Cnews.cz 🔗 https:// news.google.com/rss/articles/C BMi0gFBVV95cUxOektPaGZfLXBWa2VITlNWd1Y3dFo5R2NKNE5jTS1EUndIRGlpV0hmQlJFRVBrem1ham43dXlHV2VvejFqZnB4ekFFT2…