Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims source code theft and attempts $50,000 sale, employee installed malicious VS Code extension
A hacker group named TeamPCP has breached approximately 3,800 internal GitHub repositories through a malicious Visual Studio Code extension. GitHub has confirmed the incident and has taken steps to contain the breach, including rotating critical secrets and isolating affected systems. The hacker group claims to have stolen internal source code and is attempting to sell it for $50,000, threatening to leak the data if no buyer is found.
- ▪GitHub confirmed that an employee's device was compromised via a malicious VS Code extension.
- ▪TeamPCP claims to have exfiltrated internal source code and is seeking $50,000 for the stolen material.
- ▪GitHub has already rotated critical secrets and credentials as part of its containment efforts.
Opening excerpt (first ~120 words) tap to expand
Tech Industry Cybersecurity Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims source code theft and attempts $50,000 sale, employee installed malicious VS Code extension News By Etiido Uko published 20 May 2026 GitHub says it has already rotated critical secrets and credentials following the breach When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Getty / Bloomberg) Share Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Email Share this article Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter GitHub has officially confirmed, via an X post today, that thousands of its internal repositories were breached…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Tom's Hardware.
Discussion
0 commentsMore from Tom's Hardware
