A malicious VSCode extension was used to breach 3,800 GitHub repositories. The extension was able to exfiltrate sensitive information by rewriting files in .github/workflows and pushing them to GitHub. The attack highlights the risks of using third-party extensions and the importance of security measures. The exact details of the breach are still being investigated.