GitHub Breach Steals 3800 Repos, China Bans Nvidia 5090D V2

GitHub Confirms Poisoned VS Code Extension Breach Exfiltrating 3800 Repositories

• GitHub confirmed exfiltration of 3800 internal repositories via poisoned VS Code extension.
• TeamPCP claimed responsibility and listed the data for sale on cybercrime forums.
• No customer data was affected; GitHub rotated critical secrets and isolated the device.

USA, May 20 (TNGB) – GitHub confirmed on May 20 that attackers exfiltrated data from roughly 3800 internal repositories after a GitHub employee installed a poisoned Microsoft Visual Studio Code extension on a corporate device. The threat group TeamPCP claimed responsibility and advertised the stolen code and internal organizations for sale starting at 50000 dollars on an underground forum. GitHub stated its assessment found the claim directionally consistent, isolated the endpoint, removed the malicious extension version, and rotated high-impact credentials with no customer data involved.

TeamPCP reportedly sells the 3800 exfiltrated GitHub repositories on cybercrime forums for at least 50000 dollars.

Why This Matters: Supply chain attacks through trusted developer tools now threaten core intellectual property at major platforms worldwide.

China Bans Nvidia 5090D V2 While Jensen Huang Visits Beijing

• China added the RTX 5090D V2 to its customs banned goods list.
• The ban occurred during President Donald J. Trump and Jensen Huang visit.
• The chip is a downgraded 24GB model designed to comply with U.S. export controls.

BEIJING, May 20 (TNGB) – China added Nvidia RTX 5090D V2 gaming chips to its list of prohibited goods at customs points last Friday while President Donald J. Trump and Nvidia CEO Jensen Huang visited the country for a U.S.-China summit that also included Elon Musk and Tim Cook. The RTX 5090D V2 features 24GB memory and artificial intelligence performance limits to meet U.S. export rules yet still appealed to some AI developers for lighter workloads. Chinese authorities favor domestic alternatives such as Huawei amid the restrictions.

The ban reportedly blocks shipments of the RTX 5090D V2 even as Nvidia revenue from China fell to nine percent.

Why This Matters: The timing underscores escalating U.S.-China technology competition and its direct impact on global chip supply chains.

UK Government Spent 650000 Pounds on Digital ID Adverts Amid Crisis

• UK authorities spent over 650000 pounds promoting digital ID systems.
• Spending continued during a period of high cost-of-living pressures.
• Figures came from public records obtained through freedom of information requests.

LONDON, May 20 (TNGB) – The UK government spent more than 650000 pounds of taxpayer money on digital ID advertisements across multiple media channels while households faced elevated living costs and inflation. Public records released after freedom of information requests detailed the campaign budget and placement strategy aimed at increasing adoption of identity verification platforms. Officials have not disclosed specific performance metrics for the expenditure.

The campaign total reached 650000 pounds during ongoing economic strain on British families.

Why This Matters: Taxpayer funds allocated to digital ID promotion raise questions about priorities during economic hardship.

Customers Report Trump Mobile Leaking Personal Information Online

• Trump Mobile customers reported leaks of names, emails, and home addresses.
• The vulnerability existed on the company website trumpmobile.com.
• Approximately 10000 unique customers and 30000 T1 phone preorders were exposed.

USA, May 20 (TNGB) – Customers of Trump Mobile reported that the company website exposed names, email addresses, home addresses, and order details through a security vulnerability. YouTubers Coffeezilla and Cr1TiKaL verified their own leaked data matched the exposure and estimated roughly 10000 unique customer IDs and 30000 preorders for the T1 phone, representing about five percent of the 600000 sales the company previously claimed. Trump Mobile has not responded to multiple alerts about the issue.

The site reportedly exposed customer personal information excluding credit card details for thousands of users.

Why This Matters: Data exposure on a high-profile consumer electronics site erodes trust in new market entrants.

Grafana Labs Breach Stemmed from Missed Token Rotation After Attack

• Grafana experienced unauthorized access after failing to rotate tokens.
• The lapse followed a prior compromise of TanStack infrastructure.
• Attackers maintained persistence through the unrotated credentials.

USA, May 20 (TNGB) – Grafana Labs suffered a breach after security teams missed rotating access tokens following an earlier attack on TanStack systems that supplied components to Grafana dashboards. The overlooked step reportedly allowed continued unauthorized entry to internal repositories and customer data environments. The company has since enforced automated token rotation policies across its infrastructure.

The Grafana incident shows how chained supply chain failures extend attacker dwell time in monitoring platforms.

Why This Matters: Missed credential hygiene after one incident can compound damage across connected developer tools.

China Reportedly Bans RTX 5090D V2 During Nvidia CEO Visit

• China banned the RTX 5090D V2 graphics processor.
• The prohibition took effect while Jensen Huang and President Trump visited.
• The move targets hardware used in both gaming and limited AI workloads.

BEIJING, May 20 (TNGB) – China reportedly banned the RTX 5090D V2 while Nvidia CEO Jensen Huang accompanied President Donald J. Trump on a visit to Beijing that included discussions on technology trade. The chip, launched in August 2025 with 24GB memory and reduced AI capabilities to satisfy U.S. export controls, was added to customs prohibited lists. Domestic manufacturers such as Huawei stand to gain market share from the restriction.

The ban reportedly halts imports of the RTX 5090D V2 during high-level bilateral meetings.

Why This Matters: Hardware restrictions during diplomatic visits accelerate decoupling in critical technology sectors.

Pizza Hut Franchisees File 100 Million Dollar Lawsuit Over AI System

• Pizza Hut franchisees sued the parent company for 100 million dollars.
• The suit alleges failures in the AI-powered delivery platform.
• Owners claim order errors and revenue losses across locations.

USA, May 20 (TNGB) – Pizza Hut franchisees filed a 100 million dollar lawsuit alleging the company AI delivery system caused repeated order inaccuracies, delayed deliveries, and significant revenue shortfalls at multiple outlets. The legal action claims inadequate testing and rollout of the automated routing and driver assignment technology led to operational failures. Franchise owners seek compensation for implementation costs and lost business.

The lawsuit claims the AI delivery platform inflicted 100 million dollars in damages on franchise operators.

Why This Matters: Large-scale AI deployment in franchise operations can trigger costly legal and financial repercussions when performance falls short.

Drupal Releases Critical Update for High Risk Exploitation Bug

• Drupal issued a critical patch addressing a high-risk vulnerability.
• The flaw carried potential for remote code execution on unpatched sites.
• Administrators received urgent guidance to apply the update immediately.

USA, May 20 (TNGB) – Drupal released a critical security update that closes a bug with high exploitation risk allowing remote code execution on vulnerable websites. The vulnerability affected core content management functions and was actively targeted in the wild according to security researchers tracking exploit attempts. Site administrators worldwide were instructed to apply the patch without delay to prevent compromise.

The update addresses a remotely exploitable flaw in the widely used Drupal platform.

Why This Matters: Unpatched content management systems remain prime targets for mass website compromises.

Meta Reassigns Employees Spared from Job Cuts to AI Positions

• Meta reassigned staff who avoided recent layoffs into AI teams.
• The internal moves support expanded machine learning initiatives.
• Remaining employees received new roles tied to core AI development.

USA, May 20 (TNGB) – Meta reassigned employees who survived the most recent layoffs directly into artificial intelligence and machine learning teams as part of ongoing restructuring. The shifts reportedly accelerate development of recommendation algorithms, content moderation models, and generative AI features across Facebook, Instagram, and WhatsApp. Company leadership described the reassignments as essential to maintaining competitive positioning in AI.

Meta reportedly redirected spared employees into AI roles following the latest workforce reductions.

Why This Matters: Internal talent shifts toward AI signal long-term strategic priority even amid headcount cuts.

Figure AI Humanoid Robots Draw Massive Online Attention for Package Handling

• Figure AI released videos of humanoid robots handling packages.
• The demonstrations showed precise sorting and movement of varied items.
• Public and industry interest surged across social platforms.

USA, May 20 (TNGB) – Figure AI published video footage of its humanoid robots executing package handling tasks including sorting, lifting, and placing items of different sizes and weights in warehouse-like settings. The robots demonstrated adaptive grasping and navigation that drew millions of views and commentary from robotics engineers and logistics executives. The company continues testing the platforms for commercial deployment.

The videos of Figure AI robots performing package tasks have generated widespread online engagement.

Why This Matters: Public demonstrations of capable humanoid robots accelerate discussions on automation in logistics and manufacturing.