May 20, 2026

GitHub's 3,800 Stolen Repos and Anthropic's $15B GPU Bill

GitHub Loses 3,800 Internal Repos in Poisoned VS Code Attack
SECURITY

The company that hosts the world's code just had its own code stolen — and the attack vector was one of the most trusted tools in every developer's daily rotation.

GitHub has confirmed that attackers compromised 3,800 of its internal repositories by exploiting a poisoned Visual Studio Code extension. The malicious package masqueraded as a legitimate tool, quietly executing a supply chain worm that worked its way through GitHub's internal systems before anyone caught on. This wasn't a brute-force break-in. It was a patient, surgical attack that used developer trust as the weapon.

Supply chain attacks are having a moment, and not in a good way. The playbook is almost elegant in its cynicism: instead of battering down the front door of a hardened target, you poison the tools that developers already trust and use every day. VS Code extensions are a perfect vector because they run with significant local permissions, update silently, and developers install them constantly without much scrutiny. One bad package in a busy marketplace, and suddenly you have a worm with valid credentials crawling through private infrastructure.

What makes this particularly uncomfortable is the target. GitHub isn't just any tech company — it's the backbone of modern software development, home to both open-source projects and proprietary code for millions of organizations worldwide. If attackers can pull off a supply chain worm inside Microsoft's own developer platform, that raises serious questions about how well anyone is auditing the extensions and packages sitting inside their own workflows.

The Microsoft Python SDK was also caught up in the attack, adding another layer of exposure. Python tooling is embedded in data science pipelines, internal automation scripts, and backend services across virtually every major organization. The blast radius of a compromised SDK is hard to fully map, which is exactly what makes this kind of attack so attractive to sophisticated threat actors.

For developers, the uncomfortable takeaway is that the threat isn't always coming from outside your perimeter. Sometimes it's the extension you installed six months ago and forgot about. Security teams are already stretched thin reviewing external-facing infrastructure, and the IDE sitting on every engineer's laptop rarely gets the same scrutiny.
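One way to put the forgotten-extension problem in front of a reviewer is to inventory what is installed. This is an added example, not code from the article or from GitHub. It reads each installed extension's `package.json` manifest and flags publishers outside an allowlist, extensions that activate at startup, and manifests that have not changed in months. The `~/.vscode/extensions` location and the allowlist contents are assumptions.

```python
import json
import time
from pathlib import Path

# Activation events that load an extension with no user action.
EAGER_EVENTS = {"*", "onStartupFinished"}


def audit_extensions(ext_dir, allowed_publishers, stale_days=180, now=None):
    """Return (extension_id, version, reasons) for every extension needing review."""
    now = time.time() if now is None else now
    allowed = {p.lower() for p in allowed_publishers}
    findings = []
    for manifest in sorted(Path(ext_dir).glob("*/package.json")):
        try:
            meta = json.loads(manifest.read_text(encoding="utf-8"))
            if not isinstance(meta, dict):
                raise ValueError("manifest is not a JSON object")
            age_days = (now - manifest.stat().st_mtime) / 86400
        except (OSError, ValueError):
            findings.append((manifest.parent.name, "?", ["unreadable manifest"]))
            continue
        publisher = str(meta.get("publisher", "")).lower()
        reasons = []
        if publisher not in allowed:
            reasons.append("publisher not on allowlist")
        events = meta.get("activationEvents")
        if isinstance(events, list) and EAGER_EVENTS & {str(e) for e in events}:
            reasons.append("activates at startup")
        # File mtime is only a rough proxy for "installed long ago and forgotten".
        if age_days > stale_days:
            reasons.append(f"manifest last modified {int(age_days)} days ago")
        if reasons:
            ext_id = f"{publisher}.{meta.get('name', '?')}"
            findings.append((ext_id, str(meta.get("version", "?")), reasons))
    return findings


if __name__ == "__main__":
    # Assumed default install directory; the allowlist is a hypothetical policy.
    default_dir = Path.home() / ".vscode" / "extensions"
    for ext_id, version, reasons in audit_extensions(default_dir, {"ms-python", "github"}):
        print(f"{ext_id} {version}: {'; '.join(reasons)}")
```

A flagged extension is a prompt for review, not a verdict: many legitimate extensions activate at startup, and an allowlisted publisher can still ship a compromised release.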

GitHub hasn't confirmed exactly what was inside all 3,800 compromised repositories or whether any of that material has been weaponized further. But the incident is a loud reminder that the software supply chain is only as secure as its weakest dependency — and right now, those dependencies number in the thousands for most modern development environments.

Expect this to accelerate conversations inside security teams about extension vetting policies, mandatory code signing for VS Code packages, and tighter controls on what can run inside developer environments. The era of treating your IDE as a safe zone is over.
Source: VentureBeat

SpaceX IPO Reveals Anthropic Pays $15 Billion for GPU Access
STARTUPS

Anthropic is paying a company run by one of its fiercest ideological rivals $1.25 billion every single month just to keep its AI running. Let that sit for a second.

SpaceX's long-awaited S-1 filing dropped this week, and buried inside the regulatory paperwork is one of the most striking financial arrangements in recent tech history. Anthropic has committed to paying SpaceX — parent company of xAI, which makes the competing Grok chatbot — roughly $15 billion total through May 2029 for access to GPU infrastructure at the Colossus and Colossus II data centers straddling Tennessee and Mississippi. The deal was announced earlier this month, but the actual dollar figures were only disclosed publicly through the IPO filing.

The sheer scale of the number reframes how we should think about the AI race. It's not primarily a talent competition or even a research competition right now — it's a compute competition. Whoever can secure the most raw processing power has a structural advantage in training bigger models, running more inference, and shipping products faster. Anthropic, despite its reputation as the safety-focused, measured alternative to OpenAI, is clearly willing to spend at a staggering rate to stay in contention.

For Elon Musk, the arrangement is almost poetic. His xAI operation built Colossus at extraordinary speed and realized it had more capacity than it needed. Rather than let billion-dollar infrastructure sit underutilized, SpaceX is now renting that excess compute to a company whose mission — safe, beneficial AI — sits in direct philosophical tension with Musk's own approach to the technology. Capitalism, as they say, finds a way.

SpaceX framed this as a deliberate dual-monetization strategy in the filing, signaling that renting compute to outside AI companies is now a core part of its business model, not a one-off deal. The company says it expects to sign more contracts like this one, which means Colossus could evolve into one of the most significant AI infrastructure landlords in the industry — a role nobody would have predicted for a rocket company three years ago.

The broader context here is worth sitting with. Anthropic's quarterly revenue is expected to crack $10 billion in Q2 2026, according to reporting from the Wall Street Journal. That's an enormous number for a company that didn't exist five years ago. But when you're burning $1.25 billion a month on compute alone — before salaries, research costs, or anything else — the path to profitability looks like a very long road.

SpaceX, meanwhile, lost nearly $4.3 billion in Q1 of this year despite generating $4.7 billion in revenue, with heavy AI and rocket development spending eating into margins. So the company financing AI compute for Anthropic is itself not exactly printing money yet.

The IPO is targeting a $1.75 trillion valuation, which would make it the largest in history. Investors will need to decide whether the compute landlord business changes the math.
Source: WIRED
