News
GitHub Confirms Breach of 3,800 Internal Repositories via Poisoned VS Code Extension — Source Code Listed for Sale
GitHub disclosed on May 20 that a compromised employee device, infected via a malicious VS Code extension, led to unauthorized access to approximately 3,800 internal repositories including GitHub Actions, Copilot internals, CodeQL tools, and Codespaces. Threat actor TeamPCP listed the source code for sale at $50,000+ on a cybercrime forum. GitHub says no customer-hosted data was impacted but is rotating critical secrets and will publish a fuller post-incident report.
Source
↳ Follow the thread