GitHub says a malicious Visual Studio Code extension led to the compromise of about 3,800 internal repositories after an employee installed the bad plugin on a company device. The extension has been removed from the VS Code Marketplace and the affected machine has been isolated, but the incident is another reminder that developer tooling has […]