Close Menu
Tech News VisionTech News Vision
  • Home
  • What’s On
  • Mobile
  • Computers
  • Gadgets
  • Apps
  • Gaming
  • How To
  • More
    • Web Stories
    • Global
    • Press Release

Subscribe to Updates

Get the latest tech news and updates directly to your inbox.

Trending Now
Best External Hard Drives (2026): SSD to Store Data, Video, and More

Best External Hard Drives (2026): SSD to Store Data, Video, and More

12 July 2026
Here’s How Apple Is Updating Its Child Safety Features in iOS 27

Here’s How Apple Is Updating Its Child Safety Features in iOS 27

12 July 2026
The 28 Best STEM Toys for the Techie Kids in Your Life

The 28 Best STEM Toys for the Techie Kids in Your Life

12 July 2026
Facebook X (Twitter) Instagram
  • Privacy
  • Terms
  • Advertise
  • Contact
Facebook X (Twitter) Instagram Pinterest VKontakte
Tech News VisionTech News Vision
  • Home
  • What’s On
  • Mobile
  • Computers
  • Gadgets
  • Apps
  • Gaming
  • How To
  • More
    • Web Stories
    • Global
    • Press Release
Tech News VisionTech News Vision
Home » GitHub confirms breach affecting thousands of internal repositories
What's On

GitHub confirms breach affecting thousands of internal repositories

News RoomBy News Room21 May 2026Updated:21 May 2026No Comments
Facebook Twitter Pinterest LinkedIn Tumblr Email
GitHub confirms breach affecting thousands of internal repositories

Microsoft-owned GitHub confirmed on Wednesday that attackers exfiltrated data from roughly 3,800 internal repositories after a poisoned Visual Studio Code extension compromised an employee device.

This incident marks the latest in a series of software supply chain attacks linked to the hacking group TeamPCP.

The group claimed on Tuesday to have stolen source code and internal organisational data from about 4,000 repositories and offered the material for sale on a cybercrime forum for at least $50,000. GitHub said the attackers’ estimate was “directionally consistent” with its own investigation and stated that the activity appeared limited to internal repositories.

GitHub said it had “no evidence of impact to customer information stored outside of GitHub’s internal repositories”, including enterprise or customer-hosted repositories. The Microsoft-owned platform said it had rotated critical secrets and credentials, isolated the compromised endpoint and continued analysing logs for follow-on activity.

In a statement cited by Cyber Security News, GitHub said: “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only.” The company added: “We continue to analyse logs, validate secret rotation, and monitor for any follow-on activity.”

Ilkka Turunen, Field CTO at Sonatype, said the incident reflects the growing targeting of developers in supply chain attacks. “This is another reminder that developers are now permanent targets in software supply chain attacks. TeamPCP has shown how a motivated attacker can move through the tools developers trust every day – open source packages, extensions, accounts and credentials – rather than trying to break in through the front door.”

TeamPCP has been linked to a series of attacks targeting open-source projects and developer infrastructure during 2026, including incidents affecting TanStack, Bitwarden CLI and Checkmarx. Malicious versions of Microsoft’s durabletask Python package have also recently been distributed with credential-stealing malware capable of spreading across AWS and Kubernetes environments.

GitHub said it would publish a fuller incident report once its investigation is complete.


Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Apple’s self-driving car program left a legacy of powerful AI chips

Apple’s self-driving car program left a legacy of powerful AI chips

12 July 2026
Less is more with the Oura Ring 5

Less is more with the Oura Ring 5

12 July 2026
The history of Philips Hue smart lights

The history of Philips Hue smart lights

12 July 2026
The fight against AI data centers is just beginning

The fight against AI data centers is just beginning

12 July 2026
Editors Picks
Apple’s self-driving car program left a legacy of powerful AI chips

Apple’s self-driving car program left a legacy of powerful AI chips

12 July 2026
Less is more with the Oura Ring 5

Less is more with the Oura Ring 5

12 July 2026
The history of Philips Hue smart lights

The history of Philips Hue smart lights

12 July 2026
The fight against AI data centers is just beginning

The fight against AI data centers is just beginning

12 July 2026

Subscribe to Updates

Get the latest tech news and updates directly to your inbox.

Trending Now
Tech News Vision
Facebook X (Twitter) Instagram Pinterest Vimeo YouTube
  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact
© 2026 Tech News Vision. All Rights Reserved.

Type above and press Enter to search. Press Esc to cancel.