{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/github-internal-repositories/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["GitHub internal repositories","GitHub Enterprise Server","Nx Console Visual Studio Code extension"],"_cs_severities":["high"],"_cs_tags":["supply-chain","github","nxconsole","repository-exfiltration","macos"],"_cs_type":"advisory","_cs_vendors":["GitHub"],"content_html":"\u003cp\u003eOn May 18, 2026, GitHub detected unauthorized access to its internal systems from a compromised employee device. The intrusion began with a supply-chain attack: a maliciously modified build of the Nx Console Visual Studio Code extension, version 18.95.0, was installed on the device. The malicious extension gave the attacker a foothold on GitHub\u0026rsquo;s internal network, from which approximately 3,800 internal GitHub repositories containing proprietary source code and internal configuration data were exfiltrated. On macOS hosts the extension also establishes persistence through a \u003ccode\u003e~/.local/share/kitty/cat.py\u003c/code\u003e script and related launch agents. GitHub Enterprise Server customers are advised to rotate their GPG keys; no action is required for GitHub Enterprise Cloud customers.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker injects malicious code into the Nx Console Visual Studio Code extension and ships it as version 18.95.0.\u003c/li\u003e\n\u003cli\u003eA GitHub employee installs the compromised version of Nx Console on their device without realizing it.\u003c/li\u003e\n\u003cli\u003eThe extension executes the attacker\u0026rsquo;s code on the employee\u0026rsquo;s machine, giving the attacker initial access to the internal network.\u003c/li\u003e\n\u003cli\u003eThe attacker pivots from the compromised device to internal GitHub systems and resources.\u003c/li\u003e\n\u003cli\u003eThe attacker exfiltrates approximately 3,800 internal repositories containing source code and configuration data.\u003c/li\u003e\n\u003cli\u003eOn macOS, the extension drops \u003ccode\u003e~/.local/share/kitty/cat.py\u003c/code\u003e and sets up related launch agents so that access recurs after the initial execution.\u003c/li\u003e\n\u003cli\u003eCredentials present on the developer\u0026rsquo;s machine (AWS, GCP, Azure, GitHub, npm) may be harvested to extend the attacker\u0026rsquo;s access and maintain persistence.\u003c/li\u003e\n\u003cli\u003eThe attacker\u0026rsquo;s objective is the theft of proprietary source code and internal configuration data, and potentially long-term access to GitHub\u0026rsquo;s internal systems.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe exfiltration of approximately 3,800 internal repositories is a significant intellectual-property and security risk for GitHub. The stolen source code can be mined for vulnerabilities that enable further attacks, and leaked configuration data may expose internal systems and credentials. GitHub Enterprise Server customers are advised to rotate their GPG keys to prevent unauthorized use of signed commits.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAs the advisory recommends, monitor CI/CD and repository logs for unexpected repository access or cloning, unauthorized admin actions, authentication and access-control changes, unauthorized pushes or orphan commits, and suspicious commits after May 18, 2026, paying particular attention to bot and service accounts.\u003c/li\u003e\n\u003cli\u003eRemove Nx Console v18.95.0 from all environments and move to a known-good version (18.94.0, or 18.96.0 and later).\u003c/li\u003e\n\u003cli\u003eOn macOS hosts where the malicious version was present, check for \u003ccode\u003e~/.local/share/kitty/cat.py\u003c/code\u003e and for related launch-agent persistence, and remediate any findings.\u003c/li\u003e\n\u003cli\u003eIf the malicious version was present, rotate every credential (AWS, GCP, Azure, GitHub, npm) that was on the developer machine between May 11 and May 20, 2026.\u003c/li\u003e\n\u003cli\u003eIn high-security environments, disable IDE extension auto-updates and enforce an allowlist of approved developer tools.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-29T16:30:11Z","date_published":"2026-05-29T16:30:11Z","id":"https://feed.craftedsignal.io/briefs/2026-05-github-nxconsole-compromise/","summary":"GitHub internal repositories were compromised after an attacker injected malicious code into the Nx Console Visual Studio Code extension (v18.95.0), leading to the exfiltration of approximately 3,800 internal repositories.","title":"GitHub Internal Repositories Compromised via Malicious Nx Console Extension","url":"https://feed.craftedsignal.io/briefs/2026-05-github-nxconsole-compromise/"}],"language":"en","title":"CraftedSignal Threat Feed — GitHub Internal Repositories","version":"https://jsonfeed.org/version/1.1"}
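Host triage for the Recommendation section of the brief above, as an added example rather than tooling from CraftedSignal or GitHub. It checks a Mac for the three host-side indicators the brief gives (an installed Nx Console 18.95.0, the `~/.local/share/kitty/cat.py` script, and launch agents related to it). Assumptions not stated in the brief: Nx Console's marketplace id is `nrwl.angular-console`, VS Code unpacks extensions under `~/.vscode/extensions/<publisher>.<name>-<version>`, and `code --list-extensions --show-versions` prints one `publisher.name@version` line per extension.

```shell
#!/bin/sh
# Triage helper for the indicators in the brief above: Nx Console 18.95.0,
# the ~/.local/share/kitty/cat.py dropper, and launch agents that reference it.
# Added example, not tooling from CraftedSignal or GitHub.
# Assumptions not stated in the brief: Nx Console's marketplace id is
# nrwl.angular-console, VS Code unpacks extensions under
# ~/.vscode/extensions/<publisher>.<name>-<version>, and
# `code --list-extensions --show-versions` prints "publisher.name@version" lines.

BAD_VERSION="18.95.0"                   # compromised build named in the brief
NX_ID="nrwl.angular-console"            # assumption, see above
IOC_SCRIPT=".local/share/kitty/cat.py"  # dropper path from the brief, relative to $HOME

# check_extension_list: read "publisher.name@version" lines from stdin and print
# any Nx Console entry pinned to the compromised version.
# Returns 0 when clean, 1 when the bad version is installed.
check_extension_list() {
  ext_found=0
  while IFS= read -r line; do
    case "$line" in
      "$NX_ID@$BAD_VERSION") echo "HIT extension: $line"; ext_found=1 ;;
    esac
  done
  return $ext_found
}

# check_home: inspect one home directory (pass $HOME on a real host, a scratch
# directory under test) for the unpacked bad extension, the dropper, and any
# user LaunchAgent plist that names the dropper. Returns 0 when clean, 1 otherwise.
check_home() {
  home="$1"
  home_found=0
  for ext_dir in "$home/.vscode/extensions/$NX_ID-$BAD_VERSION"*; do
    [ -d "$ext_dir" ] || continue
    echo "HIT extension dir: $ext_dir"
    home_found=1
  done
  if [ -f "$home/$IOC_SCRIPT" ]; then
    echo "HIT dropper: $home/$IOC_SCRIPT"
    home_found=1
  fi
  for plist in "$home"/Library/LaunchAgents/*.plist; do
    [ -f "$plist" ] || continue
    # launchd agents are XML; ProgramArguments carries the command line. The brief
    # gives no agent label, so match on the dropper path instead (heuristic).
    if grep -q "kitty/cat.py" "$plist"; then
      echo "HIT launch agent: $plist"
      home_found=1
    fi
  done
  return $home_found
}

# triage_host: run both checks against the live machine. A non-zero exit means
# the host had the compromised build: remove it and start the credential
# rotation the brief calls for.
triage_host() {
  status=0
  code --list-extensions --show-versions 2>/dev/null | check_extension_list || status=1
  check_home "$HOME" || status=1
  return $status
}

# Run the live checks unless the file is being sourced as a library (e.g. for tests).
[ "${TRIAGE_LIBRARY_ONLY:-0}" = "1" ] || triage_host
```

Run it as the affected user on the suspect Mac (`sh nx-triage.sh`); a non-zero exit means the compromised build was present and the May 11 to May 20, 2026 credential rotation from the brief applies. A clean result does not clear a host on which v18.95.0 was ever installed, since the attacker may have removed the artifacts: the brief keys rotation to the version having been present, not to the dropper still being on disk.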