While I have not yet read GitHub investigates internal repositories breach claimed by TeamPCP I did read GitHub confirms breach of 3,800 repos via malicious VSCode extension which is an update to the entire story.
Even though the group involved, Team PCP (one word in articles) only wants $50,000, that is considered a little low in my book.
The article indicates that around 3800 repos were affected, and it also says this is not the first time they have attacked GitHub.
Instead of me covering the article in full, I will urge those who use GitHub to at least take a look at this.
You may not have been affected as a developer in this case, however, the company did isolate the incident and clean up everything.
Please stay safe.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.
Well its not a surprise since github is one of the major opensource systems out there.
Its microsoft which makes it another target I guess.
Its the net so its bound to happen eventually.
Its still a distress when it does.
the archive org breach was something I remembered.
It all depends how they deal with it.
Archive.org did an audit and beefed their systems and acted responsibly.
I have no doubt github will do the same.
Certainly microsoft will do what it does, especially since according to reports that it missed the mobile and now ai bubble with it not really making much cash on the ai system and going back to a user centric approach.
Its users are watching and rightly so.
I think it realises that no matter how big it is, eventually one of its major mistakes will end it so I think it will do the right thing.