GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
TeamPCP continues its attack on open source projects, now apparently asking for $50,000.
GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...
The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.
GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...
The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...
Morning Overview on MSN
GitHub just confirmed hackers broke into its own code through a poisoned coding tool — slipping in on a developer’s laptop without anyone noticing for days
Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee ...
Morning Overview on MSN
The GitHub break-in began on one developer’s laptop and a poisoned coding add-on — then spread to the keys guarding code inside thousands of companies
Sometime in early 2026, a software developer did what millions of programmers do every week: updated a dependency. The ...
GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results