adesanmi.com

news.ycombinator.com/item?id=4820...

GitHub’s source code has been stolen, and it looks like the culprit is a poisoned VS Code extension. The rate of supply chain attacks feels like its increased tenfold in the last 7-8 months, perfectly coinciding with the rise of more capable AI models.

news.ycombinator.com

GitHub is investigating unauthorized access to their internal repositories | Hacker News

More in this thread

  1. I shudder to think about the consequences of not getting on top of the increase in supply chain attacks. Once events like this start to become “normalised”, we risk total loss of confidence in package ecosystems.

View thread on Bluesky