In-depth guides and analysis on incident postmortem from the Safeguard engineering team.
1 article
GitHub disclosed on 20 May 2026 that a poisoned VS Code Marketplace extension was used to exfiltrate roughly 3,800 private repositories from enterprise engineering orgs, landing in the middle of a broader May 2026 wave of developer-surface supply chain attacks.