1. Forum
  2. tqwNet
  3. TQW GENTECH

  • CISA warns that Nx Console and GitHub repositories abused in mult

    From TechnologyDaily@1337:1/100 to All on Fri May 29 17:15:27 2026
    CISA warns that Nx Console and GitHub repositories abused in multiple supply chain compromises tools across enterprise, cloud, and DevOps environments exploited

    Date:
    Fri, 29 May 2026 16:05:00 +0000

    Description:
    The agency is giving practical advice on how to remain secure in an increasingly unsecure environment.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter CISA issued an alert on ongoing supply chain attacks abusing GitHub repos via a malicious Nx Console VSCode extension and the Megalodon campaign Threat actors stole CI/CD secrets, cloud credentials, and tokens by poisoning workflows, prompting CISA to urge audits of contributor activity and workflow files Recommended mitigations include forensic reviews, rotating/revoking all pipeline secrets, pinning trusted package versions, and delaying pulls to allow community detection The US Cybersecurity and Infrastructure Security Agency (CISA) is warning about multiple ongoing supply chain attacks and is urging developers and
    open-source platform users to apply mitigations and secure their
    environments.

    In a news alert published earlier this week, the agency warned about attacks on GitHub repos via a malicious Nx Console Visual Studio Code (VSCode) extension, as well as the Megalodon supply chain campaign. It said these attacks show how cyber threat actors are abusing tools and processes that support enterprise, cloud, and DevOps environments - specifically CI/CD pipelines, code extensions, and workflows. By abusing an earlier compromise
    of Nx developer systems, threat actors were able to compromise a GitHub employees device through a poisoned third-party VSCode extension, accessing their repositories and stealing sensitive information found within. Latest Videos From You may like GitHub confirms breach thousands of internal repositories hit Critical Citrix NetScaler flaw gets official patch warning from CISA The open source blind spot in our supply chains CISA's advice In Megalodon, hackers injected malicious GitHub Action workflows to steal CI/CD secrets, cloud credentials, and tokens, CISA said.

    With that in mind, it urged organizations to monitor and audit workflow files and contributor activity and revert any unauthorized changes.

    Organizations that discover a breach from a previously compromised GitHub or Nx Console software should conduct a forensics review of CI/CD logs, cloud audit trails, and affected developer machines, and rotate/revoke all secrets (that includes all credentials, tokens, and secrets accessible to CI/CD pipelines, including API keys, cloud provider credentials ( Amazon Web Services, Google Cloud Platform, Microsoft Azure), SSH keys, Docker/npm/PyPI/Vault/Terraform/Kubernetes tokens, GitHub/GitLab/Bitbucket tokens, and developer or pipeline secrets).

    For using package repositories, CISA recommends waiting at least three hours before pulling a new package, to give the community enough time to spot any suspicious or malicious commits. It also recommends pinning software to specific trusted versions and only pulling packages from known and trusted sources. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cisa-warns-that-nx-console-and-github-r epositories-abused-in-multiple-supply-chain-compromises-tools-across-enterpris e-cloud-and-devops-environments-exploited


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)