// Alert

GitHub threat report

GitHub is investigating a breach of its internal repositories disclosed on May 20, 2026. According to GitHub's confirmation reported in the press, a malicious Visual Studio Code extension compromised an employee's device, giving the attacker access to roughly 3,800 internal GitHub repositories containing private source code. The threat group TeamPCP has publicly claimed responsibility for the intrusion, asserting access to approximately 4,000 repositories. GitHub has not indicated that customer-facing production systems or end-user data were affected. The incident underscores the supply-chain risk posed by trojanized IDE extensions on developer workstations with privileged code access.

// Get alerts for GitHub