GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Indiatimes

GitHub confirms 'hacking' attack; says: We detected and contained a compromise of an employee device involving a poisoned ...

GitHub has confirmed a cyberattack involving unauthorized access to some of its internal repositories after a threat actor claimed it had stolen and was attempting to sell company data online. In a ...
Hosted on MSN

GitHub confirms breach — thousands of internal repositories hit

GitHub confirms an employee’s compromised device led to exfiltration of internal repositories via a poisoned VSCode extension Threat actors TeamPCP are selling an archive of roughly 4,000 repos on the ...
International Business Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update on the morning of May 18, 2026. That single action handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of ...
Hosted on MSN

Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin

GitHub has officially confirmed, via an X post today, that thousands of its internal repositories were breached after an employee's device was compromised through a malicious Visual Studio Code ...
Forbes

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. GitHub confirms 3,800 repositories breached. GitHub, the cloud-based hosting service used by ...
techtimes

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on Microsoft's official Visual Studio Marketplace for just 18 minutes on May 18 ...