TechFlow reports that on May 20, GitHub’s official account (@github) disclosed a security incident detected on May 20, 2026. The incident originated from a malicious Visual Studio Code (VS Code) extension installed on an employee’s device. Attackers leveraged this extension to compromise the employee’s device and successfully exfiltrated data from approximately 3,800 internal GitHub repositories. GitHub responded swiftly by removing the malicious extension version, isolating the infected endpoints, and rotating critical credentials on the day of the incident and overnight—prioritizing high-impact, sensitive credentials. GitHub continues to analyze logs, verify the effectiveness of credential rotations, and monitor for subsequent anomalous activity. A full report will be published upon completion of the investigation. GitHub stated that, based on its current assessment, this incident involves only the unauthorized disclosure of internal repository data, with no evidence indicating any impact on user data.
Risk Disclosure: This website's content is not investment advice and offers no trading guidance or related services. Per regulations from the PBOC and other authorities, users must be aware of virtual currency risks. Contact us / support@techflowpost.com ICP License: 琼ICP备2022009338号
