GitHub hit by breach via ‘poisoned’ VS Code extension; 3,800 internal repositories compromised

A breach from within
GitHub has confirmed that a security compromise involving an employee’s device led to the theft of data from approximately 3,800 of its internal code repositories. The breach highlights a growing and dangerous trend in the developer ecosystem: the use of ‘poisoned’ IDE extensions to bypass traditional security perimeters.
In a series of updates posted to X, the Microsoft-owned platform revealed that the entry point was a malicious plugin for Visual Studio Code (VS Code), the ubiquitous code editor used by millions of developers globally. While GitHub stated it has found no evidence that customer information stored outside these internal repositories was impacted, the scale of the internal leak remains a significant concern for the company’s security posture.
The attack follows a pattern known as a supply chain compromise, where hackers target the tools developers trust rather than attempting to brute-force a hardened network. By compromising a VS Code extension, attackers can execute code directly within a developer’s environment, potentially capturing session tokens, SSH keys, and administrative credentials that grant access to sensitive internal systems.
The TeamPCP Connection
While GitHub has not officially named the specific extension used in the attack, a threat actor group known as TeamPCP has claimed responsibility. The group is reportedly attempting to monetize the stolen data, offering it for sale on various cybercrime forums.
TeamPCP is no stranger to high-profile targets. The group previously claimed credit for a massive breach at the European Commission, which resulted in the theft of over 90 gigabytes of data from the cloud storage of the EU’s executive arm. That operation demonstrated a similar tactical approach: the hackers had previously compromised Trivy, a popular vulnerability scanning tool, to push info-stealing malware to downstream users, eventually obtaining the cloud keys needed to infiltrate the Commission’s infrastructure.
The growing threat to developer tooling
The GitHub incident is not an isolated event, but rather part of a broader offensive targeting the very tools used to build the modern web. Recently, OpenAI found itself in the crosshairs of a similar attack involving Tanstack, a widely used platform for web developers. In that instance, hackers pushed malicious updates that allowed them to harvest passwords and authentication tokens from unsuspecting users.
For developers, these attacks are particularly insidious because they leverage the inherent trust placed in open-source plugins and extensions. Because VS Code allows for a rich ecosystem of third-party add-ons, it has become a primary vector for state-sponsored actors and cybercriminals looking for a “backdoor” into major tech companies.
GitHub has not yet responded to inquiries regarding whether the company has engaged in ransom negotiations with TeamPCP or if the full extent of the leaked internal code has been indexed by the attackers. For now, the company maintains that the compromise was detected and contained, though the fallout from 3,800 leaked repositories may take weeks or months to fully assess as security teams scrub the code for leaked secrets or architectural vulnerabilities.
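The closing paragraph notes that security teams must scrub the leaked code for secrets. As an added example (not part of the article and not GitHub's own tooling), the scanner below looks for the credential types the article names: GitHub tokens, SSH private keys and hard-coded passwords. The `gh?_` token prefixes are GitHub's documented public format; the 3.5-bit entropy cut-off is an assumed heuristic, and the scanned file is a constructed sample.

```python
from __future__ import annotations

import math
import re
from collections import Counter
from typing import Iterable, NamedTuple


class Finding(NamedTuple):
    line_no: int
    kind: str
    redacted: str  # never echo the full secret into a report


# GitHub's documented public token prefixes (ghp_, gho_, ghu_, ghs_, ghr_).
GITHUB_TOKEN = re.compile(r"\b(gh[pousr]_[A-Za-z0-9]{36,})\b")
# Standard PEM marker for any private key material (OpenSSH, RSA, EC, ...).
SSH_PRIVATE_KEY = re.compile(r"-----BEGIN (?:[A-Z ]+ )?PRIVATE KEY-----")
# A quoted literal assigned to a credential-looking name.
CREDENTIAL_ASSIGNMENT = re.compile(
    r'(?i)\b(?:password|passwd|secret|token|api_key)\b\s*[:=]\s*["\']([^"\']{8,})["\']')
ENTROPY_THRESHOLD = 3.5  # assumed heuristic: below this, treat as a placeholder


def shannon_entropy(s: str) -> float:
    """Bits per character; placeholders such as 'changeme' score low."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def redact(value: str) -> str:
    return value[:4] + "..." + value[-4:] if len(value) > 12 else "***"


def scan_lines(lines: Iterable[str]) -> list[Finding]:
    findings: list[Finding] = []
    for no, line in enumerate(lines, start=1):
        if m := GITHUB_TOKEN.search(line):
            findings.append(Finding(no, "github_token", redact(m.group(1))))
        elif SSH_PRIVATE_KEY.search(line):
            findings.append(Finding(no, "ssh_private_key", "***"))
        elif (m := CREDENTIAL_ASSIGNMENT.search(line)) and \
                shannon_entropy(m.group(1)) >= ENTROPY_THRESHOLD:
            findings.append(Finding(no, "hardcoded_credential", redact(m.group(1))))
    return findings


# Constructed sample file; the token and key below are not real secrets.
SAMPLE_REPO_FILE = """\
# deploy.py (constructed sample, not from any real repository)
import os
token = os.environ["GITHUB_TOKEN"]  # correct: read from the environment
ci_token = "ghp_Ab1Cd2Ef3Gh4Ij5Kl6Mn7Op8Qr9St0Uv1Wx2"  # leaked PAT
deploy_key = '''-----BEGIN OPENSSH PRIVATE KEY-----
'''
password = "changeme"  # placeholder, low entropy, not reported
api_key = "Zq9#vL2pX8rT4wY7kM1n"  # high entropy, reported
"""

if __name__ == "__main__":
    for f in scan_lines(SAMPLE_REPO_FILE.splitlines()):
        print(f"line {f.line_no}: {f.kind} ({f.redacted})")
```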