How the compromise chain worked GitHub’s account of the incident ties the breach to a poisoned VS Code extension that an employee installed. That extension enabled attackers to gain access to GitHub resources, after which internal repository data was exfiltra…