GitHub Confirms Data Breach of 3,800 Internal Repositories via Malicious Extension
Here's what it means for you.
As a professional in tech, this breach underscores the critical need for robust cybersecurity practices in software development.
What happened
On May 19, 2026, GitHub confirmed that approximately 3,800 internal repositories were compromised due to a malicious Visual Studio Code extension.
The Context
- Vulnerabilities in Developer Tools: The breach highlights significant risks associated with supply chain attacks targeting popular development environments.
- Ongoing Investigation: GitHub is actively investigating the incident, with no evidence of external customer data being compromised.
- TeamPCP's Threat: The hacking group TeamPCP claimed responsibility, offering the stolen data for sale, raising alarms about the ongoing threat to software development environments.
The Number
— This is the number of internal repositories accessed during the breach, emphasizing the scale of potential exposure for organizations relying on GitHub for code management.
Takeaway
Expect heightened scrutiny and discussions around securing developer tools and supply chains in the wake of this incident.
Tech news, hardware, and AI tools coverage.
"PC/tech site increasingly covering AI hardware and apps."
— A47 Editor
Hackers breach GitHub and access 3,800 internal repositories now listed for sale
GitHub has confirmed that approximately 3,800 of its internal repositories were accessed by hackers, attributed to a breach facilitated by a malicious Visual Studio Code extension installed by an employee. The cybercrime group TeamPCP claims the numb...
Consumer tech news, reviews, and buying guides for gadgets and electronics.
"TechRadar is known for comprehensive buying advice, hardware reviews, and consumer tech news targeted at mainstream audiences."
— A47 Editor
GitHub confirms breach — thousands of internal repositories hit after employee installs malicious VS Code extension
GitHub has confirmed a significant security breach affecting approximately 3,800 internal repositories, which were compromised through a malicious Visual Studio Code (VS Code) extension installed by an employee. The hacker group TeamPCP has claimed r...
Arabic tech news covering startups, apps, AI, and gadgets.
"AITnews is a well-known Arabic technology outlet covering regional tech developments."
— A47 Editor
اختراق ضخم يضرب GitHub.. تسريب آلاف المستودعات السرية عبر إضافة خبيثة
GitHub has confirmed a significant breach affecting approximately 3,800 internal repositories due to a malicious extension installed by an employee in Visual Studio Code. The company quickly detected and contained the attack by removing the infected ...
Focuses on transformative tech, AI, gaming, and startup innovation.
"VentureBeat is respected for its in-depth reporting on AI, startups, and disruptive technologies in Silicon Valley and beyond."
— A47 Editor
GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK
GitHub confirmed that approximately 3,800 internal repositories were compromised due to a poisoned VS Code extension installed on an employee's device. The threat group TeamPCP, also known as UNC6780, has claimed responsibility for the breach and is ...
Opinionated AI coverage for general audiences.
"TNW’s AI vertical covering tools, ethics, and trends."
— A47 Editor
GitHub confirms hackers stole thousands of internal code repositories after employee installed a poisoned VS Code extension
GitHub confirmed that approximately 3,800 internal repositories were stolen by hackers after an employee installed a malicious Visual Studio Code extension, marking a significant breach for the platform. The cybercrime group TeamPCP has claimed respo...
Startup news with frequent AI coverage.
"Covers launches, funding, and product updates in AI."
— A47 Editor
GitHub says hackers stole data from thousands of internal repositories
GitHub has confirmed that hackers stole approximately 3,800 internal repositories after an employee installed a malicious Visual Studio Code extension. The company is currently investigating the breach, which has raised concerns about the security of...
Curated tech headlines including AI stories.
"Influential aggregator surfacing the day’s top tech/AI links."
— A47 Editor
GitHub confirms ~3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension; TeamPCP claims responsibility (Sergiu Gatlan/BleepingComputer)
GitHub has confirmed that approximately 3,800 internal repositories were breached after an employee installed a malicious Visual Studio Code extension, with the cybercrime group TeamPCP claiming responsibility for the attack. This incident raises sig...
Covers blockchain, cryptocurrency news, project analysis, and market insights.
"Cointelegraph is a leading crypto-focused media outlet known for timely news, analysis, and educational content related to blockchain and digital assets."
— A47 Editor
GitHub investigates unauthorized access to internal repositories
GitHub is currently investigating unauthorized access to approximately 3,800 of its internal repositories, which involved the exfiltration of sensitive data. The company has taken steps to remove the malicious code extension that facilitated this bre...
Curated tech headlines including AI stories.
"Influential aggregator surfacing the day’s top tech/AI links."
— A47 Editor
GitHub says it's investigating "unauthorized access" to its internal repositories, and there's no proof of customer data outside its repositories being impacted (@github)
GitHub is currently investigating unauthorized access to its internal repositories, stating that there is no evidence of customer data being affected outside these repositories. The company is taking this matter seriously as it seeks to understand th...