TeamPCP breaches GitHub, accessing 3,800 internal code repositories
TeamPCP has successfully breached GitHub, accessing approximately 3,800 internal code repositories. The attackers exploited a malicious Visual Studio Code extension to gain entry, targeting critical features such as GitHub Actions and Copilot. GitHub has classified the incident as a software supply-chain attack but reports no evidence of customer data being compromised.
- ▪TeamPCP accessed 3,800 internal code repositories at GitHub through a compromised Visual Studio Code extension.
- ▪The stolen data includes source code for GitHub Actions, Copilot, and CodeQL, which is now being offered for sale on underground markets for at least $50,000.
- ▪GitHub has taken measures to protect critical secrets and will notify customers if the risk profile changes.
Opening excerpt (first ~120 words) tap to expand
TeamPCP breaches GitHub, accessing 3,800 internal code repositories A malicious VS Code extension gave attackers access to source code for GitHub Actions, Copilot, and CodeQL, now being shopped on underground markets for at least $50K. Share Add us on Google by Editorial Team May. 21, 2026 window.sevioads = window.sevioads || []; var sevioads_preferences = []; sevioads_preferences[0] = {}; sevioads_preferences[0].zone = "01f21ccf-2092-46b1-9ac7-8c44cc782e0f"; sevioads_preferences[0].adType = "native"; sevioads_preferences[0].inventoryId = "c5700508-581b-472c-8fdd-a931cdbfc8e1"; sevioads_preferences[0].accountId = "1e47efc1-ec2d-4fca-a8b9-354e249e5095"; sevioads.push(sevioads_preferences); A threat group called TeamPCP gained access to roughly 3,800 of GitHub’s internal code repositories…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Crypto Briefing.
Discussion
0 commentsMore from Crypto Briefing
