
GitHub Confirms 3,800 Repos Breached via Malicious VSCode Extension

Summary

– GitHub confirmed that about 3,800 internal repositories were breached after an employee installed a malicious VS Code extension.
– The company removed the trojanized extension from the marketplace, secured the compromised device, and said only GitHub-internal repositories were exfiltrated.
– The TeamPCP hacker group claimed responsibility on a cybercrime forum, offering the stolen data for at least $50,000 and threatening to leak it if no buyer is found.
– TeamPCP has previously been linked to supply chain attacks on developer platforms, including GitHub, PyPI, NPM, and Docker, and a recent campaign targeting OpenAI employees.
– This breach is part of a pattern of trojanized VS Code extensions on the marketplace, including past incidents with millions of installs used to steal credentials or deploy cryptominers.

GitHub has confirmed that approximately 3,800 internal repositories were compromised after an employee unknowingly installed a malicious VS Code extension on a company device. The developer platform has since removed the unverified, trojanized extension from the VS Code Marketplace and isolated the affected machine to contain the incident.

“We detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately,” GitHub stated. The company’s current assessment indicates that the breach was limited to GitHub-internal repositories, with the attacker’s claim of roughly 3,800 compromised repos aligning with the company’s ongoing investigation.

This disclosure follows GitHub’s acknowledgment to BleepingComputer on Tuesday evening that it was probing claims of unauthorized access to internal code. At that time, the company stressed that no evidence pointed to customer data stored outside the affected repositories being compromised.

Although GitHub has not officially attributed the breach, the hacker group TeamPCP has claimed responsibility. On Tuesday, the group posted on the Breached cybercrime forum that it had accessed GitHub’s source code and “~4,000 repos of private code,” demanding a minimum of $50,000 for the stolen data. “As always this is not a ransom. We do not care about extorting GitHub. One buyer and we shred the data on our end. It looks like our retirement is soon so if no buyer is found we will leak it free,” the cybercriminals wrote. “If you are interested, send your offers to the communications below. We are not interested in under 50k. The best offer will get it.”

TeamPCP has previously been linked to large-scale supply chain attacks targeting developer platforms like GitHub, PyPI, NPM, and Docker. More recently, the group was tied to the “Mini Shai-Hulud” supply chain campaign, which also impacted two OpenAI employees.

VS Code extensions are plugins sourced from the VS Code Marketplace, an official store for Microsoft’s code editor that allows users to add features or integrate external tools. This is not the first instance of a trojanized extension appearing on that marketplace. Over the past several years, multiple malicious extensions, some with millions of installs, have been used to steal developer credentials and other sensitive data.
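Because a single unvetted extension on one developer machine was enough to expose internal repositories, a basic defensive control is to inventory what is installed and flag anything outside an approved-publisher list. The script below is an added example, not code from the article or from GitHub; it reads the `package.json` manifest that every installed extension carries under `~/.vscode/extensions/<publisher>.<name>-<version>/`, and the allowlist and sample extension folders it builds are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

# Assumed allowlist for the example; a real policy would come from the
# organisation's own approved-extension inventory.
ALLOWED_PUBLISHERS = {"ms-python", "ms-vscode", "redhat"}


def inventory(ext_root):
    """Return (publisher, name, version) for every extension under ext_root.

    Each VS Code extension folder carries a package.json manifest with
    these three fields; a missing field is reported as '?' rather than crashing.
    """
    found = []
    for manifest in sorted(Path(ext_root).glob("*/package.json")):
        with open(manifest, encoding="utf-8") as fh:
            meta = json.load(fh)
        found.append((meta.get("publisher", "?"),
                      meta.get("name", "?"),
                      meta.get("version", "?")))
    return found


def flag_unapproved(found, allowed=ALLOWED_PUBLISHERS):
    """Extensions whose publisher is not on the allowlist need manual review."""
    return [ext for ext in found if ext[0] not in allowed]


def build_sample_tree():
    """Create a constructed extensions directory (not real extensions) for a demo run."""
    root = tempfile.mkdtemp()
    samples = [
        ("ms-python", "python", "2024.4.1"),            # approved publisher
        ("unknown-pub", "pretty-logger-pro", "0.0.3"),  # constructed, not on the allowlist
    ]
    for pub, name, ver in samples:
        folder = Path(root) / f"{pub}.{name}-{ver}"
        folder.mkdir()
        manifest = {"name": name, "publisher": pub, "version": ver}
        (folder / "package.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root


if __name__ == "__main__":
    # Point inventory() at Path.home() / ".vscode" / "extensions" for a real machine.
    demo_root = build_sample_tree()
    for pub, name, ver in flag_unapproved(inventory(demo_root)):
        print(f"REVIEW: {pub}.{name} v{ver} is not from an approved publisher")
```

Publisher verification status is a marketplace attribute, not part of the local manifest, so this check only enforces the allowlist; it does not tell you whether the marketplace listing was verified.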

For example, last year, VS Code extensions with 9 million installs were pulled due to security risks. Ten other extensions, disguised as legitimate development tools, infected users with the XMRig cryptominer. Later in the year, a malicious extension with basic ransomware capabilities slipped onto the marketplace after a threat actor named WhiteCobra flooded it with 24 crypto-stealing extensions.

More recently, in January, two malicious extensions marketed as AI-based coding assistants with 1.5 million installs exfiltrated data from compromised developer systems to servers in China.

GitHub’s cloud-based platform now supports over 4 million organizations, including 90% of the Fortune 100, and more than 180 million developers who contribute to over 420 million code repositories.

(Source: BleepingComputer)
