A single browser tab, a single click on “Install,” and a cybercriminal group called TeamPCP was inside GitHub’s own house.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...

GitHub confirmed an attacker was able to access its internal repositories after a code extension breach, with TeamPCP ...

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed ...

GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code ...

TeamPCP exfiltrated 3,800 internal GitHub repositories after poisoning a VS Code extension. No customer data was affected, the company says.

The Megalodon supply chain attack poisoned over 5,500 GitHub repositories via automated commits injecting GitHub Actions workflows.