Repository-Exfiltration — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/tags/repository-exfiltration/Trending threats, MITRE ATT&CK coverage, and detection metadata. Fed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioFri, 29 May 2026 16:30:11 +0000GitHub Internal Repositories Compromised via Malicious Nx Console Extensionhttps://feed.craftedsignal.io/briefs/2026-05-github-nxconsole-compromise/Fri, 29 May 2026 16:30:11 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-05-github-nxconsole-compromise/GitHub internal repositories were compromised after an attacker injected malicious code into the Nx Console Visual Studio Code extension (v18.95.0), leading to the exfiltration of approximately 3,800 internal repositories.On May 18, 2026, GitHub detected unauthorized access to its internal systems originating from a compromised employee device. The initial intrusion vector was a supply chain attack involving a maliciously modified version of the Nx Console Visual Studio Code extension, specifically version 18.95.0. This malicious extension allowed the attacker to gain access to GitHub’s internal network and exfiltrate approximately 3,800 internal GitHub repositories. These repositories contained proprietary source code and internal configuration data, representing a significant intellectual property and security risk. GitHub Enterprise Server customers are advised to rotate their GPG keys. No action is required for GitHub Enterprise Cloud clients. The malicious Nx Console extension also creates persistence via macOS launch agents and a cat.py script.

Attack Chain

  1. The attacker injects malicious code into the Nx Console Visual Studio Code extension, version 18.95.0.
  2. A GitHub employee unknowingly installs the compromised Nx Console extension on their device.
  3. The malicious extension executes code on the employee’s machine, granting the attacker initial access to the internal network.
  4. The attacker leverages the compromised device to access internal GitHub systems and resources.
  5. The attacker exfiltrates approximately 3,800 internal GitHub repositories containing source code and configuration data.
  6. On macOS systems, the malicious extension creates a ~/.local/share/kitty/cat.py script and related persistence mechanisms using launch agents for recurring access.
  7. The attacker potentially uses exposed credentials on the developer’s machine (AWS, GCP, Azure, GitHub, npm) to further their access and maintain persistence.
  8. The final objective of the attacker is to steal proprietary source code, internal configuration data, and potentially gain long-term access to GitHub’s internal systems.

Impact

The successful exfiltration of approximately 3,800 internal GitHub repositories poses a significant risk to GitHub’s intellectual property and security. Exposed source code could be analyzed for vulnerabilities, leading to further attacks. Leaked configuration data could expose sensitive internal systems and credentials. Customers using GitHub Enterprise Server may need to rotate GPG keys to prevent unauthorized use of signed commits.

Recommendation

  • Monitor CI/CD logs for unexpected repository access/cloning, unauthorized admin actions, authentication/access control changes, unauthorized pushes or orphan commits, and suspicious commits after May 18, 2026, especially from bot/service accounts, as mentioned in the advisory.
  • Remove Nx Console v18.95.0 from all environments and downgrade/upgrade to a known good version (18.94.0 or 18.96.0+), as indicated in the advisory.
  • Check macOS systems for ~/.local/share/kitty/cat.py and related persistence (launch agents) if the malicious version of Nx Console was present, and remediate any findings.
  • Rotate all credentials (AWS, GCP, Azure, GitHub, npm) exposed on developer machines between May 11–20, 2026, if the malicious version of Nx Console was present.
  • Disable IDE extension auto-updates in high-security environments and enforce an approved allowlist of developer tools to strengthen controls.
]]>highadvisorysupply-chaingithubnxconsolerepository-exfiltrationmacos