
GitHub Breach: 3,800 Internal Repositories Compromised via Malicious VS Code Extension

Severity: High (Score: 68.2)

Sources: Techcrunch, therecord.media, Uk.Pcmag, Reddit, Tradersunion

Published: 2026-05-20 · Updated: 2026-05-20

Keywords: github, repositories, internal, breach, teampcp, code, claimed

Severity indicators: breach

Summary

On May 20, 2026, GitHub confirmed a significant security breach involving a poisoned Visual Studio Code (VS Code) extension that compromised an employee's device. The attack, attributed to the TeamPCP hacking group, resulted in the exfiltration of approximately 3,800 internal repositories. GitHub's initial assessment indicated that the breach did not affect customer data stored outside its internal systems. The malicious extension was promptly removed, and GitHub initiated an incident response, including credential rotation. TeamPCP is reportedly offering the stolen data for sale on cybercrime forums, demanding at least $50,000. The breach highlights vulnerabilities in developer tools and the potential for significant impacts on software supply chains. GitHub is continuing to monitor for any follow-on activity as the investigation progresses.

Key Points:

  • GitHub confirmed the breach of approximately 3,800 internal repositories via a malicious VS Code extension.
  • The TeamPCP hacking group claimed responsibility and is attempting to sell the stolen data for over $50,000.
  • GitHub's response included immediate isolation of the affected device and rotation of critical credentials.

Detailed Analysis

**Impact**

Approximately 3,800 internal GitHub repositories were exfiltrated following a compromise of an employee device. The stolen data includes proprietary platform source code, internal organizational files, infrastructure configurations, deployment scripts, staging credentials, and internal API schemas. No evidence currently indicates that customer repositories, enterprise organizations, or user data stored outside GitHub’s internal systems were affected. The breach impacts the global software development ecosystem, including millions of developers and over 4 million organizations, with potential downstream risks from leaked infrastructure intelligence.

**Technical Details**

The attack vector was a poisoned Visual Studio Code extension installed on a GitHub employee’s device. The threat group TeamPCP (tracked as UNC6780) claimed responsibility, leveraging supply chain compromise techniques previously used in attacks on npm, PyPI, and other developer tools. The malicious extension collected credentials silently and enabled exfiltration of internal repositories. The compromised extension identified is likely the Nx Console VS Code extension (version 18.95.0), which was live for approximately 18 minutes and had over 2.2 million installs. The attacker’s kill chain included initial access via the extension, credential theft, and data exfiltration. No specific CVEs were disclosed.

**Recommended Response**

Immediate rotation of all API keys, secrets, and credentials stored in private repositories is advised, prioritizing high-impact credentials. Remove and block the identified malicious VS Code extension and audit installed extensions for suspicious activity. Monitor logs for anomalous access patterns and follow-on activity indicative of lateral movement or persistence. Implement endpoint controls that inspect interpreted artifacts such as VS Code extensions, and apply minimum age blocking policies for newly published extensions to reduce exposure windows.
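One way to operationalise the extension audit and minimum-age advice above, as an added example that is not code from GitHub, from any source article, or from the Nx Console project: a Python script that parses `code --list-extensions --show-versions` output, blocks the extension id and version named in the analysis, and refuses any version published less than a configurable minimum age ago. The sample listing, the publish dates and the `example.*` extension ids are constructed; how publish dates are obtained (marketplace mirror, internal registry) is left to the caller.

```python
from datetime import datetime, timedelta, timezone

# Constructed denylist for this example: the extension id and version named in
# the analysis above. A real denylist is fed from your own threat-intel sources.
DENYLIST = {("nrwl.angular-console", "18.95.0")}

# Minimum-age policy: a version published less than this long ago is blocked,
# which shrinks the window in which a freshly poisoned release can be installed.
MIN_AGE = timedelta(days=7)

def parse_list_output(text: str) -> list[tuple[str, str]]:
    """Parse `code --list-extensions --show-versions` output (id@version per line)."""
    found = []
    for line in text.splitlines():
        line = line.strip()
        if not line or "@" not in line:
            continue  # skip blanks and anything not in publisher.name@version form
        ext_id, _, version = line.rpartition("@")
        found.append((ext_id.lower(), version))
    return found

def evaluate(installed, publish_dates, now):
    """Map each id@version to a verdict: block:denylist, block:too-new,
    review:no-publish-date, or allow."""
    verdicts = {}
    for ext_id, version in installed:
        key = f"{ext_id}@{version}"
        if (ext_id, version) in DENYLIST:
            verdicts[key] = "block:denylist"
        elif (ext_id, version) not in publish_dates:
            verdicts[key] = "review:no-publish-date"  # cannot apply age policy
        elif now - publish_dates[(ext_id, version)] < MIN_AGE:
            verdicts[key] = "block:too-new"
        else:
            verdicts[key] = "allow"
    return verdicts

# Constructed sample input; not real output from any machine.
SAMPLE_LIST = "example.tool-a@1.2.3\nnrwl.angular-console@18.95.0\nexample.tool-b@0.0.1\n"
NOW = datetime(2026, 5, 20, tzinfo=timezone.utc)
# Constructed publish dates (assumed to be supplied by a marketplace mirror or
# an internal registry that records when each version was first seen).
SAMPLE_DATES = {
    ("example.tool-a", "1.2.3"): NOW - timedelta(days=30),
    ("example.tool-b", "0.0.1"): NOW - timedelta(days=1),
}

def audit_sample():
    return evaluate(parse_list_output(SAMPLE_LIST), SAMPLE_DATES, NOW)

if __name__ == "__main__":
    for key, verdict in audit_sample().items():
        print(f"{verdict:24} {key}")
```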

Source articles (34)

  • GitHub investigates internal repositories breach claimed by TeamPCP — Bleepingcomputer · 2026-05-20
    GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed approximately 4,000 repositories containing private code. GitHub's cloud-based dev…
  • Nx Console Vs Code Extension Compromised — www.stepsecurity.io · 2026-05-20
  • Vscode Extensions With 9 Million Installs Pulled Over Security Risks — www.bleepingcomputer.com · 2026-05-20
    Microsoft has removed two popular VSCode extensions, 'Material Theme – Free' and 'Material Theme Icons – Free,' from the Visual Studio Marketplace for allegedly containing malicious code. The two exte…
  • Github Hack Alert What You Need To Do With Your Api Keys And Credentials Today — coinpedia.org · 2026-05-20
  • Trivy Supply Chain Attack — www.paloaltonetworks.com · 2026-05-20
  • Github Confirms Teampcp Hack Customers Unaffected — therecord.media · 2026-05-20
  • GitHub confirms security incident via compromised VS Code extension — Tradersunion · 2026-05-20
    GitHub, the Microsoft-owned platform, has confirmed that attackers gained unauthorized access to its internal repositories by compromising an employee’s device through a malicious Visual Studio Code…
  • GitHub's Internal Repos Breached Via Employee's Use of Malicious VS Code Extension — Rss.Slashdot · 2026-05-20
    Longtime Slashdot reader Himmy32 writes: GitHub has announced on X that their internal repositories have been breached through a compromised VS Code Extension on an employee's workstation. Bleeping Co…
  • GitHub says internal repositories were taken in poisoned VS Code extension attack — Cyberscoop · 2026-05-20
    GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing…
  • GitHub Confirms Internal Repository Breach via Malicious VS Code Extension — Kucoin · 2026-05-20
    GitHub confirmed on Tuesday that attackers gained unauthorized access to its internal repositories after compromising an employee device through a poisoned Visual Studio Code extension. The Microsoft-…
  • GitHub confirms breach of 3,800 repos via malicious VSCode extension — Bleepingcomputer · 2026-05-20
    GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension. The company has since removed the unnamed trojanized ext…
  • GitHub says hackers stole data from thousands of internal repositories — Techcrunch · 2026-05-20
    GitHub, the popular developer platform owned by Microsoft, confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories. The code hosting and sharing giant said i…
  • GitHub Confirms Breach of 3,800 Repos via Poisoned VS Code Extension — Coinfomania · 2026-05-20
    GitHub isolates internal systems; threat group TeamPCP targets an employee device via a poisoned VS Code extension to access 3,800 repos. Summary is AI generated, newsroom reviewed. A malicious VS Cod…
  • GitHub admits major source code leak after 3,800 internal repositories breached — Csoonline · 2026-05-20
    Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers exfiltrated code from around 3,800 of the company’s internal repositories. News of t…
  • Hackers Infiltrate GitHub by Compromising Employee Device — Uk.Pcmag · 2026-05-20
    Microsoft-owned GitHub, a major platform for software developers, has suffered a breach traced to an employee device that was infected with malware. GitHub disclosed the breach on Tuesday and said it…
  • GitHub says internal repos exfiltrated after poisoned VS Code extension attack — Theregister · 2026-05-20
    Initial assessment says customer data spared while users wonder what else may have slipped out GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio…
  • GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension — Infosecurity-Magazine · 2026-05-20
    The Microsoft-owned software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 internal repositories. The breach was detected on May 19 and likely comes fro…
  • TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension — Feeds2.Feedburner · 2026-05-20
    Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. “Our current assessment is t…
  • GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply ... — Venturebeat · 2026-05-20
    GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and auth…
  • GitHub Investigates TeamPCP Claimed Breach of 4,000 Repositories — Technadu · 2026-05-20
    GitHub is currently investigating potential unauthorized access to its internal repositories. This security review follows public claims made by the threat actor group known as TeamPCP, which alleges…
  • GitHub Updates Security Incident: Employee Device Compromised via Malicious VS Code Extension — Kucoin · 2026-05-20
    ChainCatcher report: GitHub has updated its investigation details regarding the unauthorized access incident to internal repositories: Yesterday, GitHub detected and contained an incident involving a…
  • GitHub Breached via VS Code Extension — Aikido.Dev · 2026-05-20
    On May 19, GitHub disclosed that it was investigating unauthorized access to internal repositories. TeamPCP claims to have extracted data from roughly 4,000 private repos. The reported vector: a malic…
  • TeamPCP Claims Breach of Internal GitHub Repositories (Incident) — Wiz · 2026-05-20
    According to GitHub’s public statement, the company detected unauthorized access involving internal repositories and initiated an ongoing investigation into the scope and potential impact of the incid…
  • Compromised coding tool helped hackers breach thousands of GitHub repositories — Cybersecuritydive · 2026-05-20
    The attack is the latest example of hackers’ intense focus on open-source packages. Hackers stole data from thousands of GitHub repositories, the code-hosting giant said on Tuesday. “While we currentl…
  • GitHub compromised, allegedly by TeamPCP — Itnews.Au · 2026-05-20
    Microsoft-owned web-based code hosting and collaboration platform GitHub has confirmed that it has been compromised, following reports that the TeamPCP hacking group had successfully attacked it. GitH…

Timeline

  • 2026-02-06 — CVE-2026-25592 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-02-19 — CVE-2026-26030 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-05-19 — Unauthorized access detected: GitHub reported investigating unauthorized access to its internal repositories, leading to further scrutiny.
  • 2026-05-20 — Breach confirmed: GitHub confirmed that a poisoned VS Code extension compromised an employee device, leading to the exfiltration of 3,800 repositories.
  • 2026-05-20 — TeamPCP claims responsibility: The hacking group TeamPCP claimed to have accessed GitHub's internal repositories and is advertising the data for sale.
  • 2026-05-20 — Malicious extension removed: GitHub removed the malicious VS Code extension from its marketplace and initiated incident response protocols.
  • 2026-05-20 — Credential rotation initiated: Following the breach, GitHub prioritized rotating critical credentials to mitigate further risks.

CVEs

  • CVE-2026-25592
  • CVE-2026-26030

Related entities

  • TeamPCP (Apt Group)
  • FAMOUS CHOLLIMA (Apt Group)
  • Pressure Chollima (Apt Group)
  • Stardust Chollima (Apt Group)
  • Data Breach (Attack Type)
  • Malware (Attack Type)
  • Ransomware (Attack Type)
  • Supply Chain Attack (Attack Type)
  • Trojan (Attack Type)
  • Worm (Attack Type)
  • Mini Shai-Hulud (Malware)
  • CanisterWorm (Malware)
  • Shai-hulud (Malware)
  • TeamPCP Cloud Stealer (Malware)
  • XMRig (Malware)
  • Mini Shai-Hulud Campaign (Campaign)
  • PCPJack (Campaign)
  • Aqua Security (Company)
  • Checkmarx (Company)
  • European Commission (Company)
  • Grafana Labs (Company)
  • OpenAI (Company)
  • SAP (Company)
  • TanStack (Company)
  • Telnyx (Company)
  • AntV (Company)
  • AWS (Company)
  • Azure (Company)
  • Google Cloud Platform (Company)
  • LimeWire (Company)
  • Open VSX (Company)
  • Bitwarden (Tool)
  • Trivy (Tool)
  • Nx Console (Tool)
  • 1Password (Tool)
  • Claude Code (Tool)
  • CodeQL (Tool)
  • Docker (Tool)
  • GitHub Actions (Tool)
  • GitHub Copilot (Tool)
  • JavaScript (Tool)
  • Npm (Tool)
  • Python (Tool)
  • VS Code (Tool)
  • Anthropic Mythos Security AI (Tool)
  • Durable Task Python SDK (Tool)
  • KICS (Tool)
  • Nrwl.angular-console Extension (Tool)
  • Nx Console Extension (Tool)
  • Sigstore (Tool)
  • Trivy Vulnerability Scanner (Tool)
  • Visual Studio Code Extension (Tool)
  • VS Code Extension (Tool)
  • GitHub (Platform)
  • Axios (Platform)
  • Bitwarden CLI (Platform)
  • Fulcio (Platform)
  • GitHub.com (Platform)
  • GitHub Enterprise Server (Platform)
  • HashiCorp Vault (Platform)
  • Kubernetes (Platform)
  • PyPI (Platform)
  • Rekor (Platform)
  • TanStack Router (Platform)
  • Visual Studio Code (Platform)
  • Visual Studio Marketplace (Platform)
  • VSCode (Platform)
  • VS Code Marketplace (Platform)
  • China (Country)
  • CWE-200 - Exposure of Sensitive Information (Cwe)
  • CWE-94 - Code Injection (Cwe)
  • docker.in (Domain)
  • ecosystems.in (Domain)
  • marketplace.visualstudio.com (Domain)
  • sanity.io (Domain)
  • Financial Services (Industry)
  • T1003 - OS Credential Dumping (Mitre Attack)
  • T1027 - Obfuscated Files Or Information (Mitre Attack)
  • T1041 - Exfiltration Over C2 Channel (Mitre Attack)
  • T1071 - Application Layer Protocol (Mitre Attack)
  • T1078 - Valid Accounts (Mitre Attack)
  • T1195 - Supply Chain Compromise (Mitre Attack)
  • T1203 - Exploitation for Client Execution (Mitre Attack)
  • T1486 - Data Encrypted for Impact (Mitre Attack)
  • T1566 - Phishing (Mitre Attack)
  • T1567.002 - Exfiltration to Cloud Storage (Mitre Attack)
  • T1567 - Exfiltration Over Web Service (Mitre Attack)
  • Vect Ransomware Group (Ransomware Group)
  • 79ac49eedf774dd4b0cfa308722bc463cfe5885c (Sha1)
  • XZ Utils (Vulnerability)