GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...
Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...

Inside the GitHub Breach: The suspicious extension that exposed internal repositories and what went wrong

GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a ...

GitHub investigates internal repositories breach claimed by TeamPCP

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...
SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension.
Forbes

10 Key Takeaways From GitHub Octoverse 2025 Report

GitHub Universe 2025, held October 28-29 at the Fort Mason Center in San Francisco, showcased the latest innovations shaping the future of software development and coincided with the release of the ...