https://blog.catalyst9.ai/tags/incident/Recent content in Incident on Catalyst9 EngineeringHugoen-usWed, 20 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/2026-05-20-github-vscode-extension-breach/Wed, 20 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/2026-05-20-github-vscode-extension-breach/GitHub’s internal repos got exfiltrated through a poisoned VS Code extension. Here’s the threat model that actually matters — and what credential-storage architecture can and can’t do about it.