GitHub Confirms 3,800 Internal Repos Stolen Through Poisoned VS Code Extension

Decrypt·

GitHub Confirms 3,800 Internal Repos Stolen Through Poisoned VS Code Extension

60-second summary

GitHub confirms that 3,800 internal repositories have been stolen through a poisoned Visual Studio Code extension, revealing sensitive source code to the attackers. TeamPCP gained access after an employee unknowingly installed the malicious tool, compromising GitHub's private source code.

TeamPCP gained access to GitHub's private source code after an employee unknowingly installed a malicious coding tool.