https://invaders.ie/resources/blog/supply-chain-attack/github-breach-forces-ghes-signing-key-rotation Invaders Security en 2026-06-04T08:06:43.819Z GitHub breach forces GHES signing-key rotation GitHub internal repositories breach 2026, GitHub Enterprise Server signing key rotation, poisoned VS Code extension GitHub, developer tool supply chain risk, GHES signing key rotation May 2026 https://invaders.ie/resources/blog/vulnerability/one-click-githubdev-attack-lets-malicious-repos-steal-full-github-tokens Invaders Security en 2026-06-03T14:00:20.563Z One-Click github.dev Attack Lets Malicious Repos Steal Full GitHub Tokens github.dev token stealing, VSCode webview vulnerability, GitHub OAuth token theft, one-click GitHub attack, developer security, malicious VSCode extension