GitHub Probes Employee Device Breach

GitHub says a poisoned VS Code extension on an employee device exposed about 3,800 internal repositories. The practical takeaway: review developer extensions, rotate secrets after suspected compromise, and monitor for follow-on activity.