Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

GitHub said it rotated critical secrets and is monitoring systems after attackers allegedly listed about 4,000 repositories for sale.

  • On Tuesday, GitHub announced it is investigating unauthorized access to internal repositories after TeamPCP allegedly listed the data for sale on a cybercrime forum.
  • The breach originated from a compromised employee device infected through a malicious Microsoft Visual Studio Code extension, GitHub confirmed in a follow-up post.
  • While TeamPCP claims the breach includes roughly 4,000 repositories, GitHub's investigation indicates the activity involved roughly 3,800, with hackers demanding at least $50,000 for the data.
  • The company currently has no evidence of impact to customer information stored outside its internal repositories and has rotated critical secrets and secured high-priority credentials.
  • Investigators are "closely monitoring" infrastructure for additional malicious activity, and GitHub will notify affected customers through standard incident response channels if any confirmed impact arises.
Insights by Ground AI

35 Articles

VentureBeatVentureBeat
Center

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft's Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and authorship platform. The threat group TeamPCP, formally tracked by Google Threat Intelligence Group as UNC6780, claimed responsibility and is advertising the stolen repositories for sale starting at $50,000. GitHub’s assessment: the attacker’s claim is …

·San Francisco, United States
Read Full Article
TNWTNW
Lean Left

GitHub breached via poisoned VS Code extension, 3,800 repos stolen

It is an unsettling irony when the world’s largest code-hosting platform becomes the victim of its own ecosystem. GitHub confirmed on Tuesday that a threat actor exfiltrated approximately 3,800 internal repositories after compromising an employee’s device through a poisoned Visual Studio Code extension, marking one of the most significant breaches the Microsoft-owned company has ever […] This story continues at The Next Web

·Amsterdam, Netherlands (Kingdom of the)
Read Full Article
TechCrunchTechCrunch
Center

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft.

·United States
Read Full Article
ForbesForbes
Center

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.

·United States
Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

Compromised coding tool helped hackers breach thousands of GitHub repositories

The attack is the latest example of hackers’ intense focus on open-source packages.

Read Full Article
The NewsThe News
Lean Right

GitHub probes alleged breach of 4,000 internal repositories

GitHub is investigating a security breach after the cybercrime group TeamPCP claimed to have accessed approximately 4,000 private repositories containing the platform's internal source...

·Pakistan
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 67% of the sources are Center
67% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

BleepingComputer broke the news on Wednesday, May 20, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Changpeng Zhao (CZ) icon

Changpeng Zhao (CZ)

Hacking icon

Hacking

Microsoft icon

Microsoft

Supply Chain icon

Supply Chain

Cyberattacks icon

Cyberattacks

Technology icon

Technology

Cyber Security icon

Cyber Security

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal