{"uuid": "b4ba38dd-cf20-41b6-8f27-fef06f72d473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-c9j4-9m59-847w", "type": "seen", "source": "https://infosec.exchange/users/decio/statuses/116613650874522243", "content": "Confirmed\n\"On Monday May 18, we detected and contained a compromise of an employee device involving a poisoned VS Code extension published by a third party. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.\"\u2b07\ufe0f https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w\ud83d\udc47 https://github.blog/security/investigating-unauthorized-access-to-githubs-internal-repositories/", "creation_timestamp": "2026-05-21T17:05:00.998652Z"}