Storia in 16 fonti

A hacker group is poisoning open source code at an unprecedented scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks.

Raccontata da

darkreading.com+4 altre

martedì 19 maggio 2026·techcrunch.com
Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack | TechCrunch
The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects and, in turn, developers and companies that use them.
mercoledì 20 maggio 2026·infoworld.com
GitHub admits major source code leak after 3,800 internal repositories breached
GitHub blamed the latest in a growing list of hacks claimed by TeamPCP on a poisoned VS Code extension.

mercoledì 20 maggio 2026·

forbes.com

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.

mercoledì 20 maggio 2026·

thehackernews.com

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories

GitHub is investigating unauthorized access to internal repositories after TeamPCP listed alleged source code and internal organizations for sale.

mercoledì 20 maggio 2026·

bleepingcomputer.com

GitHub investigates internal repositories breach claimed by TeamPCP

GitHub is investigating a breach of its internal repositories after the TeamPCP hacker group claimed to have accessed approximately 4,000 repositories containing private code.

mercoledì 20 maggio 2026·

securityweek.com

GitHub Confirms Hack Impacting 3,800 Internal Repositories

GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code extension.

mercoledì 20 maggio 2026·

tomshardware.com

Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims source code theft and attempts $50,000…

GitHub says it has already rotated critical secrets and credentials following the breach

mercoledì 20 maggio 2026·

thenextweb.com

GitHub breached via poisoned VS Code extension, 3,800 repos stolen

TeamPCP exfiltrated 3,800 internal GitHub repositories after poisoning a VS Code extension. No customer data was affected, the company says.

mercoledì 20 maggio 2026·

decrypt.co

GitHub Confirms 3,800 Internal Repos Stolen Through Poisoned VS Code Extension - Decrypt

TeamPCP gained access to GitHub's private source code after an employee unknowingly installed a malicious coding tool.

mercoledì 20 maggio 2026·

venturebeat.com

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft's Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask…

mercoledì 20 maggio 2026·

t3n.de

Angriff auf GitHub über kompromittiertes Gerät: Hacker stehlen 3.800 interne Repositories | t3n

Die Hackergruppe Team-PCP hat sich Zugriff auf tausende interne GitHub-Repositories verschafft und versteigert die erbeuteten Daten jetzt. Einfallstor für den Cyberangriff soll…

mercoledì 20 maggio 2026·

darkreading.com

GitHub Confirms Breach, 4K Internal Repos Stolen

Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor — TeamPCP — took credit.

giovedì 21 maggio 2026·

m.economictimes.com

Microsoft's GitHub confirms cyberattack involving unauthorised access of nearly 3,800 repositories - The Economic Times

GitHub has confirmed a cyberattack after a threat actor claimed to have stolen and listed company data for sale. The breach involved unauthorised access to internal repositories…

giovedì 21 maggio 2026·

wired.com