GitHub confirmed on Wednesday that around 3,800 internal repositories were stolen in a security breach involving unauthorised access. The company said the incident originated from a compromised employee device, which was infected via a malicious VS Code extension. "We continue to analyse logs, validate secret rotation, and monitor for any follow-on activity," it said on X.