GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub says it detected and contained a compromise after an employee installed a malicious VS Code extension. The company removed the trojanized extension, secured the affected device, and now believes roughly 3,800 internal repositories were exfiltrated—while
For GitHub, it started with a single click inside a development workflow—and it ended with the kind of breach companies dread most: source code exposure tied to an employee endpoint.
GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious VS Code extension. The extension’s name hasn’t been identified publicly. What GitHub did make clear is how quickly it acted once it found the compromise.
“Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately,” the company said.
In its assessment, GitHub says the activity was focused on GitHub-internal repositories. “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far.”
The timing matters because the breach was first surfaced through outside claims of unauthorized access. GitHub told BleepingComputer on Tuesday evening that it was investigating reports involving access to its internal repositories, and that it had no evidence customer data stored outside the affected repositories had been affected.
Even without attribution, the public pressure around this breach has been immediate. While GitHub has yet to name who was responsible, the TeamPCP hacker group posted claims on a Breached cybercrime forum on Tuesday. The group said it had access to GitHub source code and claimed “~4,000 repos of private code,” asking for at least $50,000 for the stolen data.
“As always this is not a ransom. We do not care about extorting Github. 1 buyer and we shred the data on our end. It looks like our retirement is soon so if no buyer is found we will leak it free,” the cybercriminals said. “If you are interested, send your offers to the communications below, we are not interested in under 50k, the best offer will get it.”
The claims land in a wider pattern that’s become hard to ignore in recent years: trojanized development tools circulating through marketplaces. VS Code extensions are plugins installed from the VS Code Marketplace—Microsoft’s store for add-ons to the editor—to add features or integrate tools. But that same ecosystem has repeatedly been abused.
This isn’t the first time a poisoned extension slipped into the marketplace. Multiple malicious extensions with millions of installs have been used to steal developer credentials and other sensitive data over the last several years. Last year, VSCode extensions with 9 million installs were pulled over security risks, and 10 more, posing as legitimate development tools, infected users with the XMRig cryptominer.
Later in the year, a malicious extension with basic ransomware capabilities made its way onto the marketplace after a threat actor named WhiteCobra flooded it with 24 crypto-stealing extensions.
More recently, in January, two malicious extensions advertised as AI-based coding assistants with 1.5 million installs exfiltrated data from compromised developer systems to servers in China.
GitHub’s platform is a major target precisely because it sits in the middle of modern software building. The cloud-based service is used by over 4 million organizations, including 90% of the Fortune 100, and more than 180 million developers who contribute to over 420 million code repositories.
TeamPCP, meanwhile, was previously linked to large supply chain attacks aimed at developer code platforms including GitHub, PyPI, NPM, and Docker. More recently, it was tied to the “Mini Shai-Hulud” supply chain campaign, which also impacted two OpenAI employees.
Right now, GitHub’s message is that it has removed the malicious VS Code extension version and secured the compromised device, with its investigation pointing to exfiltration of GitHub-internal repositories only. The hacker group’s forum post, pitching about 4,000 private repos and demanding at least $50,000, adds a grim parallel track to what GitHub says it has already contained—suggesting that, for developers, the supply chain threat isn’t theoretical anymore.
And once that code is taken, the market for it doesn’t wait.