500 Poisoned Packages, Hundreds of Companies: TeamPCP's Worm Just Reached GitHub
Source: Techtimes
Published:
<p>A GitHub employee installed a routine VS Code extension update on the morning of May 18, 2026. That single action handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of GitHub's internal source code repositories — everything from platform infrastructure to proprietary