GitHub says a hacker stole code from roughly 3,800 of its internal repositories after planting a poisoned plugin on an employee’s computer, raising alarm in the crypto industry over the safety of API keys saved inside code.
Binance founder Changpeng Zhao told developers to check every project for hidden keys and replace them, warning that even private repositories should now be treated as exposed.
GitHub said the breach began when an employee installed a malicious version of a VS Code extension, a small add-on for a code editor used by millions of developers around the world.
The company isolated the affected computer, removed the bad extension, and began swapping out critical passwords overnight. The highest-risk credentials were rotated first.
So far, the investigation suggests the hacker only pulled code from GitHub’s own internal repositories. Customer projects, organizations, and accounts show no evidence of impact.
GitHub said the attacker’s claim of about 3,800 stolen repositories lines up with what its own team has found. A fuller report will follow once the investigation is finished.
In crypto, an exposed API key can drain a trading account within minutes. Many keys also open access to wallets, custody tools, or exchange bots. That is why CZ moved quickly to warn his followers.
The sector has been hit before. A breach at infrastructure provider Vercel earlier this year forced teams to rotate keys. The 3Commas leak in 2022 exposed roughly 100,000 user keys.
A separate supply chain attack on the Bitwarden password manager stole wallet seeds and developer tokens. It then hid the stolen data inside GitHub repositories.
Developers often leave private keys inside code, build scripts, or hidden config files, assuming nobody outside the company can read them. The GitHub case shows internal systems can be broken just like public ones.
GitHub said its team is still working through the logs. Whether any of the stolen repositories contain code or secrets tied to crypto infrastructure should become clearer in the days ahead.
The post Changpeng Zhao Warns Crypto Devs to Rotate API Keys After GitHub Hack appeared first on BeInCrypto.
GitHub said on Wednesday it is investigating unauthorized access to its internal repositories following the compromise of an employee’s device. “While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories, we are closely monitoring our infrastructure for follow-on activity,” the developer platform said in a statement.In a subsequent post, GitHub said it detected and contained a compromise of an employee device involving a poisoned VS Code extension on Tuesday. “We removed the malicious extension version, isolated the endpoint, and began incident response immediately,” it added. GitHub is the go-to platform for developers, many of whom host their open source projects and repositories on its servers. TeamPCP claims responsibilityMeanwhile, a hacking group called TeamPCP has reportedly claimed responsibility for the compromise and has attempted to sell the GitHub data online, claiming to have “4,000 repos of private code” related to GitHub’s main platform and internal organizations.TeamPCP is a sophisticated, automation-heavy hacking group that turns compromised developer tools into credential-harvesting machines for financial gain, SecurityWeek reported.TeamPCP claims responsibility on underground hacker forums. Source: Hackmanac“If you have API keys in your code, even private repos, now is the time to double-check and change them,” Binance founder Changpeng Zhao said. Related: Hackers used AI to craft zero-day attack to bypass 2FA: GoogleIt comes just a day after Grafana Labs, an open-source data observability company, said on Tuesday it was hit by a supply-chain attack in which malicious actors accessed its GitHub repositories and downloaded its codebase.The attackers issued a ransom demand under threat of data disclosure, which the firm did not meet. This incident also came shortly after the April 28 public disclosure of a critical remote code execution vulnerability, CVE-2026-3854, that allowed authenticated users to execute arbitrary commands on GitHub’s servers.Wiz Research, which discovered the critical flaw, reported at the time that millions of public and private repositories belonging to other users and organizations were accessible on the affected nodes.Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks
Meta has reportedly begun cutting staff in Singapore as the company executes a plan to reduce employee numbers by 8,000 to lean more heavily on AI. Emails were sent out at 4 a.m. Singapore time to affected employees, and staff in the US and Europe were also expected to be notified that morning, Bloomberg reported on Tuesday, citing people familiar with the matter. Meta’s engineering and product teams are expected to be hit hardest. Meta is one of several Big Tech firms cutting staff while investing heavily in AI infrastructure in an effort to streamline operations and reduce costs. An estimated 49,135 layoffs have occurred at US companies in 2026 as a result of AI integration. The cuts have also hit crypto firms, such as digital payments platform Block, which laid off 4,000 workers in March, while Coinbase and Crypto.com also recently cut about 700 and 180 employees, respectively. A memo from Meta’s head of people, Janelle Gale, seen by Bloomberg, said Meta’s “flatter structure” and “smaller teams” would enable the company to move faster than before.“We believe this will make us more productive and make the work more rewarding,” Gale wrote. The people familiar with the matter told Bloomberg that additional layoffs could follow later in the year.Related: Hong Kong’s Boyaa Interactive eyes $70M crypto treasury expansion Earlier this month, employees at Meta widely criticized a company initiative to collect data from their devices, such as keystrokes, mouse movements and screen content, for the company to train its AI models.Meta’s aggressive spending on AI infrastructure has also caused investor concern that it won’t pay off.The Mark Zuckerberg-led company has already poured more than $100 billion into AI, and it also plans to build the world’s biggest AI facility in the US state of Louisiana, potentially valued at $200 billion.The amount is more than the $80 billion that Meta poured into the metaverse before shifting its vision to mobile as it shut down the VR version of Horizon Worlds, the company’s virtual reality social network that was intended to underpin its broader metaverse strategy.Magazine: Crypto scammers face death, Aussie CGT makes Asian hubs attractive
Global laws are still trailing the technology when it comes to determining who is liable if an artificial intelligence (AI) agent is hacked or makes
The dominance of dollar-pegged stablecoins reinforces U.S. financial influence globally, complicating efforts for currency diversification in DeFi. The post Non-dollar stablecoins struggle to gain market
Blockchain Bodega is here and you know the vibes. We’re at the intersection of hip-hop culture and web3, exploring this new digital frontier. Who better to guide you through these uncharted lanes than Ock Chain – The Bitcoin Boss and the Consensus Corner Boys?
Ock Chain doesn’t just cook up random details about cryptocurrency; he lives it. Ock’s been deep in the game since Bitcoin was just a baby.
And let’s not forget about the Consensus Corner Boys. They’re our skilled crew of blockchain enthusiasts. They’re here to educate, entertain, and enlighten.
Welcome to Blockchain Bodega!
Copyright © 2023 Blockchain Bodega. All rights reserved.
