GitHub has confirmed that around 3,800 of its internal repositories were accessed after one of its employees installed a malicious Visual Studio Code extension.
The company said it detected and contained the incident after discovering that an employee’s device had been compromised through a poisoned VS Code extension. GitHub removed the malicious version of the extension from the VS Code Marketplace, isolated the affected endpoint, and began its incident response process immediately.
2/ Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far.
— GitHub (@github) May 20, 2026
According to GitHub, the current investigation shows that only GitHub’s internal repositories were involved in the breach. The company said the attacker’s claim of stealing roughly 3,800 repositories is “directionally consistent” with what it has found so far.
This confirmation comes after GitHub earlier told BleepingComputer that it was investigating claims of unauthorized access to its internal repositories. At the time, the company said it had no evidence that customer data stored outside the affected repositories had been impacted.
The TeamPCP hacker group claimed responsibility for the breach on the Breached cybercrime forum, saying it had access to GitHub source code and around 4,000 private code repositories. The group reportedly asked for at least $50,000 for the stolen data and said it would leak the data for free if no buyer came forward.
TeamPCP has previously been linked to major supply chain attacks targeting developer platforms such as GitHub, PyPI, NPM, and Docker. The group was also recently connected to the “Mini Shai-Hulud” supply chain campaign, which reportedly affected two OpenAI employees.
VS Code extensions are add-ons that developers can install from Microsoft’s official Visual Studio Code Marketplace to add new features or connect tools to the editor. However, attackers have increasingly abused these extensions to target developers, steal credentials, and access sensitive data.
This is not the first time malicious VS Code extensions have appeared in the marketplace. In previous cases, extensions with millions of installs were removed over security risks, while others were found spreading cryptominers, stealing crypto assets, or exfiltrating data from developer systems.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
Earlier this year, two malicious extensions promoted as AI coding assistants were found sending data from infected developer machines to servers in China. Another campaign involved a threat actor named WhiteCobra, who uploaded multiple crypto-stealing extensions to the marketplace.





