San Francisco — GitHub confirmed ~3,800 repos stolen via VS Code extension. VS Code extensions run with broad host privileges; the attacker group advertised the stolen source code for sale, claiming ~
TheRegister.com