GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories
Read the full articleYou might also wanna read

GitHub Breached via Poisoned VS Code Extension
GitHub has confirmed the exfiltration of roughly 3,800 internal repositories. A poisoned VS Code extension is to blame, highlighting severe
GitHub confirms breach of 3,800 repos via malicious VSCode extension
Previous thread in sequence: GitHub is investigating unauthorized access to their internal repositories - - May 2026 (321 comments) Comments

GitHub breached via a malicious VS Code extension: why developer devices are the real target
GitHub confirmed a poisoned VS Code extension compromised an employee device, exposing 3,800 internal repos. Why developer workstations are
GitHub confirms Nx Console extension was initial access vector
A GitHub breach caused by an employee device utilizing malicious VS code led to attackers compromising more than 3,800 internal repositories
TeamPCP Supply Chain Attack: The npm Worm That Hit GitHub, OpenAI, and Mistral AI
Between May 11 and May 19, 2026, a threat actor called TeamPCP poisoned 170+ npm/PyPI packages, hijacked a VS Code extension with 2.2M insta

GitHub Got Hacked Through a VS Code Extension. Here's the Full Technical Story.
On May 18, a poisoned Nx Console VS Code extension was live on Microsoft’s marketplace for 18 minutes. One GitHub employee installed it. By

Comments
Sign in to join the conversation.
No comments yet. Be the first.