GitHub said it investigated an intrusion into its internal repositories that was carried out using a malicious Visual Studio Code extension, affecting an employee’s devices and prompting immediate containment steps. The company confirmed around 3,800 repositories were compromised and rotated important security keys while continuing log analysis and monitoring. #GitHub #VSCode #TeamPCP
Information
- Victim: GitHub
- Website: github.com
- Country: United States
- Date Reported: 2026-05-19
Keypoints
- GitHub released the results of its investigation into an intrusion targeting its internal repositories.
- The attack was carried out using a malicious Visual Studio Code extension.
- The malicious extension targeted an employee’s devices the day before the disclosure.
- GitHub removed the malicious version of the extension and isolated affected endpoints.
- About 3,800 repositories were compromised, matching the attacker TeamPCP’s claim.
- GitHub began rotating important security keys on May 19 to reduce security risk.
- The company plans to continue system log analysis and ongoing monitoring.
Read More: https://www.minsimnews.com/news/articleView.html?idxno=50678