CZ warned all developers to rotate API keys immediately, even in private repositories.
GitHub confirmed a breach via a poisoned VS Code extension compromising an employee device.
TeamPCP claims 3,800 internal repos were stolen and is selling the data for over $50,000.
Binance founder Changpeng Zhao issued a warning to developers as news of the GitHub breach spread across social media.
“If you have API keys in your code, even private repos, now is the time to double-check and change them,” CZ wrote on X.
The warning came as GitHub confirmed it is investigating unauthorized access to its internal repositories following claims by threat group TeamPCP that it stole data from approximately 4,000 private and internal repositories, including source code and company files.
The group is attempting to sell the stolen data for more than $50,000 on underground forums, …
Read The Full Article CZ Warns Developers to Rotate API Keys as GitHub Confirms Internal Breach On Coin Edition.