Nx Console
Coverage of Nx Console in the Nexus archive.
- GitHub links repo breach to TanStack npm supply-chain attack
GitHub disclosed that hackers breached 3,800 internal repositories by exploiting a malicious version of the Nx Console VS Code extension, which was compromised during last week's TanStack npm supply-chain attack. The incident represents a significant security vulnerability in the software development supply chain.
- GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub confirmed that a breach of its internal repositories resulted from a compromised employee device running a poisoned version of the Nx Console VS Code extension. The nrwl.angular-console extension was compromised after one of the Nx team's developer systems was hacked.
- Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer
A compromised version of the Nx Console extension was published to the Microsoft Visual Studio Code Marketplace, targeting VS Code developers with a credential stealer. The affected extension is rwl.angular-console, version 18.95.0, with over 2.2 million installations. Cybersecurity researchers have flagged this compromise.