CyberheistNews Vol 16 #21 [Heads Up] GitHub Breach Shows Developer Tools Are Social Engineering Targets

This newsletter reports several active and notable threats: a GitHub compromise where a poisoned Visual Studio Code extension allowed access to internal repositories, phishing campaigns leveraging legitimate AI app sharing links to steal credentials, large-scale romance-scam losses in the UK, and industry reports showing social engineering remains a dominant initial access vector and drives insurance claims and ransomware activity.