TeamPCP gained access to GitHub's private source code after an employee unknowingly installed a malicious coding tool.

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...

An infected VS Code extension compromised around 3,800 repositories owned by GitHub. And that's something that all developers ...

TeamPCP continues its attack on open source projects, now apparently asking for $50,000.

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on ...

GitHub internal repositories breached via malicious VS Code extension; TeamPCP demands $50K for 3,800 stolen repos May 2026.

GitHub says the breach of roughly 3,800 internal repositories was tied to the wider TanStack npm supply-chain attack.

Hackers have stolen data from thousands of GitHub's internal code repositories after compromising an employee's device ...

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

India, May 21 -- GitHub has confirmed a major data breach affecting approximately 3,800 internal code repositories after a ...