Registration
 
All news
Top Stories
Editors' Picks
Crypto News
Financial News
Currencies
Market Voices
Billionaires
Companies
Regulators News
Olga Shendetskaya
Olga Shendetskaya

GitHub confirms security incident via сompromised VS Code extension

GitHub confirms security incident via сompromised VS Code extension
Thousands of internal repos accessed in security incident

​GitHub, the Microsoft-owned platform, has confirmed that attackers gained unauthorized access to its internal repositories by compromising an employee’s device through a malicious Visual Studio Code extension. The company detected the breach, isolated the affected endpoint, removed the harmful extension, and immediately launched an incident response.

Highlights

  • Attackers accessed around 3,800 internal GitHub repositories.
  • The breach occurred through a malicious Visual Studio Code extension on an employee’s device.
  • The incident affected only internal systems; customer data was not compromised.
  • Group TeamPCP is trying to sell the stolen data for over $50,000.

Scope of the breach

According to CoinPedia, GitHub stated that the number of affected internal repositories—approximately 3,800—aligns with the attacker’s claims. The cybercriminal group TeamPCP has claimed responsibility and is reportedly attempting to sell the stolen data on underground forums for more than $50,000. The leaked materials reportedly include proprietary source code and internal organizational files.

Importantly, GitHub emphasized that the breach was limited to its internal systems. Customer repositories, enterprise organizations, and user data stored outside internal GitHub systems were not affected.

Company response

GitHub acted quickly after discovery: it isolated the compromised device, revoked and rotated critical credentials (prioritizing the most sensitive ones), and continues to monitor for any secondary activity. The company said it will publish a more detailed report once the investigation is complete and will notify customers through official channels if any customer data is found to be impacted.

Security experts recommend that all developers review and rotate API keys and credentials stored in their repositories as a precautionary measure, even if their repositories were not directly affected.

GitHub has rotated critical secrets and is actively monitoring for further activity.

 

Rising risks in developer toolchains

This incident serves as a stark reminder of how vulnerable even the largest technology platforms can be. An attack delivered through a seemingly routine developer tool—a VS Code extension—highlights the growing threat to the software supply chain.

For millions of developers worldwide, it underscores the need for greater vigilance: regularly auditing installed extensions, practicing strict credential hygiene, and maintaining strong security awareness. While GitHub responded swiftly, the full implications of the breach may take time to become clear as the investigation continues.

Earlier, we reported that hackers used GitHub for crypto crimes.

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.

Editor's Picks for You

Crypto on the court: How NBA Finals became a showcase for Ledger
  • By Anastasiia Chabaniuk
  • 20 hours ago
Crypto on the court: How NBA Finals became a showcase for Ledger
Editors' Picks
How to build wealth from scratch in 3 practical steps
  • By Johnathan Maverick
  • Yesterday
How to build wealth from scratch in 3 practical steps
Editors' Picks
Kospi Index crash: Why South Korean market fell alongside AI stocks
  • By Eugene Komchuk
  • Yesterday
Kospi Index crash: Why South Korean market fell alongside AI stocks
Editors' Picks
All Editors' Top Picks

Latest Microsoft News

Microsoft stock faces bearish momentum with RSI in sell territory: weekly analysis
  • By Dan Blystone
  • 12 hours ago
Microsoft stock faces bearish momentum with RSI in sell territory: weekly analysis
Financial News
#Forecast #Microsoft
Microsoft stock consolidates as nationwide Microsoft 365 Copilot rollout reaches NHS England
  • By Emilio Ghigini
  • 12 hours ago
Microsoft stock consolidates as nationwide Microsoft 365 Copilot rollout reaches NHS England
Financial News
#Forecast #Microsoft
Microsoft stock holds steady as NHS England Copilot AI contract secured
  • By Andreas Kristo
  • 13 hours ago
Microsoft stock holds steady as NHS England Copilot AI contract secured
Financial News
#Forecast #Microsoft
All Microsoft News
  • Anastasiia Chabaniuk
  • 20 hours ago
Crypto on the court: How NBA Finals became a showcase for Ledger
  • Johnathan Maverick
  • Yesterday
How to build wealth from scratch in 3 practical steps
  • Eugene Komchuk
  • Yesterday
Kospi Index crash: Why South Korean market fell alongside AI stocks
  • Mira Kyivska
  • 07.06.2026
Bitcoin or Ferrari: Which investment is better?
  • Mira Kyivska
  • 06.06.2026
Strategy sells Bitcoin: Small sale tests market confidence
  • Hlib Chabaniuk
  • 7 min ago
Gracy Chen: SpaceX to go public with market price at $2.2T
  • Jose Antonio Gastelum
  • 37 min ago
Laura Shin: Strategy trades at 84 percent of value amid retail dominance in STRC
  • Daria Chernytska
  • 42 min ago
Tokens deplete rapidly in Claude Fable workflow, Ethan Mollick notes
  • Igor Krasulya
  • 52 min ago
Jonah Lupton: Healthcare stocks outperform as tech and software face pressure
  • Dmytro Kharkov
  • 1 hour ago
Tom McClellan: Market correction driven by bearish seasonality and RASI +500 failure
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.
Top News
  • Igor Krasulya
  • 12 hours ago
SpaceX-Google pact fuels debate over IPO valuation
SpaceX-Google pact fuels debate over IPO valuation
  • Jose Antonio Gastelum
  • 16 hours ago
U.S. futures rise as AI IPO hopes lift tech sentiment
U.S. futures rise as AI IPO hopes lift tech sentiment
  • Olga Shendetskaya
  • 18 hours ago
Bond yields raise pressure on Fed as inflation risks persist
Bond yields raise pressure on Fed as inflation risks persist
  • Andrey Mastykin
  • 19 hours ago
BlackRock launches space ETF with fast IPO entry
BlackRock launches space ETF with fast IPO entry
  • Anastasiia Chabaniuk
  • 20 hours ago
Hormuz closure pushes Iraq and UAE to expand oil pipelines
Hormuz closure pushes Iraq and UAE to expand oil pipelines
Live News
  • Dmytro Kharkov
  • Now
IBM seeks fresh momentum after four-day losing streak
  • Anton Kharitonov
  • Now
Microsoft declines as market seeks returns on AI investments
  • Anton Kharitonov
  • Now
Apple declines after WWDC as investors expected more
  • Dmytro Kharkov
  • Now
Intel gains momentum as Google and Nvidia fuel foundry hopes
  • Anton Kharitonov
  • Now
Bitcoin remains under pressure amid record capital outflows
Who We Are
Business Solutions
For Users
TU News
Popular Sections
Disclosures
CONTACT US
Legal
We are in Social Media
© IAFT Ltd., 2010-2026 All rights to the website are owned by IAFT Ltd.,
Registration number - HE 336186
  • Risk disclosure:

    Information on the TradersUnion.com website is for informational purposes only and does not constitute any motive or suggestion to visitors to invest money. Moreover, we hereby warn you that trading on the Forex and CFD markets is always a high risk. According to the statistics, 75-89% of customers lose the funds invested and only 11-25% of traders earn a profit. Trading in futures and options carries substantial risk of loss and is not suitable for every investor.

    That is why you should only invest money that you are prepared — or can afford — to lose at such high risks. Tradersunion.com does not provide any financial services, including investment or financial advisory services. Also, the Traders Union is not a broker and does not get money for trading in the Forex or CFD markets. Our website only provides information on brokers and the markets and helps its users to select the best brokerage company based on detailed information and objective analysis of brokers.

  • Disclaimer:

    Traders Union (TradersUnion.com) shall not be liable for the consequences of trading decisions made by the Client and for the possible loss of his capital resulting from the use of this website and information published on it.

    Forex market, CFD and cryptocurrency trading involves high risks and is not suitable for everyone. Before investing money, you need to adequately assess the level of your expertise and be aware of the risks, particularly in the context of trading with leverage. The information on this website is not intended for distribution or use by any person in any country or jurisdiction, where such distribution or use would be in violation of the local law or regulation. Any payments by Traders Union (TradersUnion.com) to the users of our website shall be legally interpreted solely as an incentive on our part for the activity on the website in the form of a deduction of a part of the advertising income; they shall not be a subject of any claims of our users or our obligations, a subject of disputes, as well as cannot be considered in relation to the services provided to users by brokers, both in fact and in their completeness and volume. The administration of the website shall not be liable for the content of user comments and reviews about the companies and shall not verify whether the authors of the reviews are indeed real clients of a specific company. All reviews, both negative and positive are published on the website without verification of their reliability; only offensive reviews that call for violence or any kind of discrimination and also reviews published from one group of IP addresses are moderated and removed. The authors of the materials shall be fully liable for the accuracy, completeness and impartiality of any information in the articles and reviews, including in the context of their use or mention of any brand names or trademarks. All mentions of the names of companies and their brands in any materials on the website shall be made in the context of communication of socially important information to the people about their activities by independent journalists, who are the authors. All evaluations and indicators on the website express the subjective opinion of the authors of the reviews (articles) and shall not be viewed as accurate statements and be a subject of disputes and claims against Traders Union.

  • Disclosure of advertisers and revenues:

    All the services on the Tradersunion.com website are free for you to use. Our team spends thousands of hours per annum researching brokers and gathering information about them to help investors all over the world to choose reliable companies and to avoid fraudsters.

    Indeed, the curating, sourcing, and organization of this process requires substantial financial investment by Tradersunion.com, which the website earns in the form of advertising payments. There are two types of advertising services on the website — direct advertising or partner (broker) participation programs. However, no services purchased by our partners shall affect the recommendations on our website, or our opinions, or ratings. Our ratings are based on our objective rating criteria and methodology; and the results are always equally and fairly applied to each broker. The work of our content authors and research groups does not involve any interaction with our advertisers and they do not have access to data concerning the amount of advertising purchased. For over 10 years we consider our independence, absolute openness, and objectivity as our main priority. Please follow the links to each of our affiliated broker’s websites. This will help Tradersunion.com to continue to provide our services to you for free.

onepercentfortheplanet.org World Association of News Publishers https://gdpr.eu/ GDPR