Settings

Theme

Nx Console VS Code extension was the initial access vector in the GitHub breach

twitter.com

6 points by vldszn a month ago · 1 comment

Reader

vldsznOP a month ago

Per security advisory on GitHub:

Root Cause

One of our developers was compromised by a recent supply-chain compromise on Tanstack, which leaked their GitHub credentials through the GitHub CLI (gh). This allowed the attacker to run workflows on our GitHub repository as a contributor.

More links:

https://github.com/nrwl/nx-console/security/advisories/GHSA-...

https://www.stepsecurity.io/blog/nx-console-vs-code-extensio...

Keyboard Shortcuts

j
Next item
k
Previous item
o / Enter
Open selected item
?
Show this help
Esc
Close modal / clear selection