Supply Chain | May 20, 2026

GitHub Confirms Hack Impacting 3,800 Internal Repositories

GitHub confirms 3,800 internal repositories compromised via poisoned VS Code extension installed by employee.

Summary

GitHub confirmed that approximately 3,800 internal repositories were breached in a supply chain attack orchestrated by the TeamPCP hacking group. The intrusion occurred when a GitHub employee installed a malicious VS Code extension, granting attackers access to the company's internal source code and organizational data. The threat actor initially claimed access to 4,000 repositories and demanded $50,000 for the stolen information; GitHub has since rotated critical secrets and is conducting a full forensic investigation.

Full text

Microsoft-owned code-hosting platform GitHub on Wednesday morning confirmed that approximately 3,800 internal repositories were impacted in a supply chain attack.

On Tuesday, the infamous hacking group TeamPCP, known for a series of recent supply chain attacks targeting the open source software community, claimed the hack of 4,000 GitHub internal repositories. Boasting about the incident on an underground hacking forum, the threat actor claimed the theft of source code and internal orgs, offering the allegedly stolen information to any buyer willing to pay at least $50,000 for it.

GitHub launched an investigation into the matter shortly after and roughly five hours later confirmed the attackers’ claims.

“Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far,” GitHub said.

The code-sharing platform immediately rotated critical secrets, prioritizing highest-impact credentials first.

“We continue to analyze logs, validate secret rotation, and monitor for any follow-on activity. We will take additional action as the investigation warrants,” GitHub said, promising a full incident report at a later date.

The intrusion, the platform said, was the result of an employee installing a poisoned VS Code extension. GitHub did not name the extension and did not share details on the type of data the compromised employee device contained.

According to Aikido Security researcher Charlie Eriksen, VS Code extensions have full access to all data on a developer’s machine, including credentials, SSH keys, cloud keys, and all other secrets.

“Developer workstations are the number one target in supply chain attacks right now, and this is exactly why. TeamPCP has compromised Trivy, Checkmarx, Bitwarden CLI, TanStack, and now GitHub, all in 2026, all through developer tooling,” Aikido Security’s Mackenzie Jackson said.

“A single VS Code extension on one employee’s machine was enough to get access to 3,800 internal GitHub repositories. Most security teams still have zero visibility into what extensions or packages are on their developers’ machines, or how recently they were published. That’s the blind spot these attacks keep walking through,” Jackson added.

Written by Ionut Arghire. Ionut Arghire is an international correspondent for SecurityWeek.
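
The visibility gap described above (which extensions are on a developer machine, and how new they are) can be narrowed with a local inventory. The following Python example is added here and is not from the article, GitHub or Aikido Security; it assumes the desktop VS Code layout of one `package.json` per extension folder under `~/.vscode/extensions` plus an optional `extensions.json` index, and the allowlist and 30-day threshold are illustrative choices.

```python
import json
import time
from pathlib import Path

STARTUP_EVENTS = {"*", "onStartupFinished"}  # VS Code events that load an extension at launch

def load_install_times(ext_dir):
    """Map extension id -> install time (epoch seconds) from extensions.json, if present.
    Assumed layout: a JSON list whose entries carry identifier.id and
    metadata.installedTimestamp (milliseconds)."""
    times = {}
    try:
        for entry in json.loads((ext_dir / "extensions.json").read_text(encoding="utf-8")):
            ts = entry.get("metadata", {}).get("installedTimestamp")
            if ts:
                times[entry["identifier"]["id"].lower()] = ts / 1000
    except (OSError, ValueError, KeyError, AttributeError, TypeError):
        pass  # index missing or in another shape: fall back to folder mtime
    return times

def inventory(ext_dir, allowlist, max_age_days=30, now=None):
    """One record per extension folder; allowlist holds lowercase publisher.name ids."""
    ext_dir = Path(ext_dir)
    now = time.time() if now is None else now
    installed = load_install_times(ext_dir)
    records = []
    for manifest in sorted(ext_dir.glob("*/package.json")):
        try:
            pkg = json.loads(manifest.read_text(encoding="utf-8"))
            ext_id = f"{pkg['publisher']}.{pkg['name']}".lower()
        except (OSError, ValueError, KeyError, TypeError):
            records.append({"id": manifest.parent.name, "flags": ["unreadable-manifest"]})
            continue
        age_days = (now - installed.get(ext_id, manifest.parent.stat().st_mtime)) / 86400
        flags = []
        if ext_id not in allowlist:
            flags.append("not-allowlisted")
        if age_days < max_age_days:
            flags.append("recently-installed")
        if STARTUP_EVENTS & set(pkg.get("activationEvents") or []):
            flags.append("activates-on-startup")
        records.append({"id": ext_id, "version": pkg.get("version"),
                        "age_days": round(age_days, 1), "flags": flags})
    return records

if __name__ == "__main__":
    # Default per-user extension folder for desktop VS Code; the empty allowlist is a placeholder.
    for rec in inventory(Path.home() / ".vscode" / "extensions", allowlist=set()):
        print(rec)
```

Install time is a local proxy only; this block does not check marketplace publish dates.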

Indicators of Compromise

  • malware — TeamPCP
  • malware — Shai-Hulud Worm

Entities

  • GitHub (vendor)
  • Microsoft (vendor)
  • VS Code (product)
  • TeamPCP (threat_actor)
  • VS Code extensions (technology)
  • TeamPCP 2026 supply chain attacks (campaign)