A malicious VS Code extension just breached GitHub's internal repositories

Pierluigi Paganini May 20, 2026

One employee installed a trojanized VS Code extension. Result: ~3,800 GitHub internal repositories exfiltrated. TeamPCP claims credit, wants $50K.

There is something almost ironic about GitHub, the platform that hosts the code for most of the world’s software, getting breached through a trojanized plugin for a code editor. But that is exactly what happened, and the company confirmed it over the weekend.

An employee installed a malicious VS Code extension from the official marketplace. That single action was enough to compromise their device and give an attacker access to roughly 3,800 internal GitHub repositories. The company detected the intrusion, isolated the endpoint, pulled the malicious extension from the marketplace, and started incident response. But the data was already gone.

GitHub disclosed the incident with a series of messages on X:

“Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.”

On the scope of the breach, the company added: “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far.”

The cybercrime group TeamPCP claimed the attack on the Breached cybercrime forum on Tuesday. The group claimed access to GitHub source code and roughly 4,000 private repositories. It is asking a minimum of $50,000 for the stolen data, with the usual framing: this is not a ransom, the group wants a single buyer, and if no one pays, it will leak the data for free. The rhetoric is familiar, and the price tag suggests the group believes what it has is genuinely valuable.

TeamPCP has been behind other supply chain attacks: in the past it targeted PyPI packages and NPM repositories, and most recently it ran the “Mini Shai-Hulud” campaign that also caught two OpenAI employees. The pattern is consistent: go after the tools developers trust, poison the supply chain, and let the downstream damage multiply.

GitHub says there is currently no evidence that customer data stored outside the affected repositories has been compromised. However, the investigation is ongoing.

What is frustrating about this incident is that it is entirely consistent with a pattern that has been building for years. The VS Code marketplace has a well-documented history of malicious extensions slipping through, and the consequences have been serious.

Each incident produces the same response: the extension gets removed, a post-mortem gets written, and developers are reminded to be careful about what they install. Then it happens again.

The GitHub breach makes the stakes clearer than any of the previous incidents. This was not an end user losing credentials. This was a developer at one of the most security-conscious companies in the world, working on internal systems, installing something that looked legitimate enough to pass their judgment, and that one decision cascaded into a breach of thousands of internal repositories.


Pierluigi Paganini

(SecurityAffairs – hacking, malware)
