// GitHubHIGH
GitHub is investigating a breach of its internal repositories disclosed on May 20, 2026. According to GitHub's confirmation reported in the press, a malicious Visual Studio Code extension compromised an employee's device, giving the attacker access to roughly 3,800 internal GitHub repositories containing private source code. The threat group TeamPCP has publicly claimed responsibility for the intrusion, asserting access to approximately 4,000 repositories. GitHub has not indicated that customer-facing production systems or end-user data were affected. The incident underscores the supply-chain risk posed by trojanized IDE extensions on developer workstations with privileged code access.
- GitHub confirms internal repository breach via VS Code extension(opens in a new tab)
- A Malicious VS Code Extension Just Breached GitHub 's Internal R(opens in a new tab)
- GitHub Breached — Employee Device Hack Led to Exfiltration of 3,(opens in a new tab)
- GitHub investigates internal repositories breach claimed by Team(opens in a new tab)
- GitHub Confirms Hack Impacting 3,800 Internal Repositories - Sec(opens in a new tab)
- GitHub admits major source code leak after 3,800 internal reposi(opens in a new tab)
// Get alerts for GitHub