
GitHub Confirms Breach, 4K Internal Repos Stolen

Dark Reading, archived May 21, 2026

Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor — TeamPCP — took credit.



Alexander Culafi, Senior News Writer, Dark Reading
May 20, 2026, 3 Min Read

GitHub confirmed today it was breached via an attacker that stole thousands of internal repositories.

TeamPCP, a financially motivated threat actor that has relentlessly targeted the open source ecosystem, yesterday published a post to a prominent Dark Web data breach forum that it would sell internal source code and organization data stolen from GitHub. This totaled "~4,000 repos of private code," according to the advertisement, and was for sale to an interested buyer.

"As always this is not a ransom. We do not care about extorting GitHub, 1 buyer and we shred the data on our end, it looks like our retirement is soon so if no buyer is found we will leak it free," the post read.

However, GitHub today partially confirmed the advertisement's claims in a series of posts on the official company account on X. According to the Microsoft-owned company, GitHub yesterday detected and contained the compromise of an employee device, which involved a poisoned VS Code extension. GitHub said it removed the malicious extension version, isolated the endpoint, and began incident response.

"Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker's current claims of ~3,800 repositories are directionally consistent with our investigation so far," the series of posts read. "We moved quickly to reduce risk. Critical secrets were rotated yesterday and overnight with the highest-impact credentials prioritized first. We continue to analyze logs, validate secret rotation, and monitor for any follow-on activity. We will take additional action as the investigation warrants. We will publish a fuller report once the investigation is complete."

TeamPCP has become a force to be reckoned with for developers in recent months. Security experts have pinned the Shai-Hulud self-replicating worm attacks that began last year to TeamPCP, and it has further targeted organizations in credential attacks and more. Most recently, TeamPCP published the source code of Shai-Hulud to GitHub in an effort to spread the worm even further.

GitHub Breach Begs: What Happened?

The idea that TeamPCP would hit GitHub through a poisoned version of a Visual Studio Code (VS Code) extension (or perhaps a typosquatted application) is well within the threat actor's capabilities, as many of its recent campaigns have involved such threat activity.

It is notable that the Microsoft-owned GitHub was compromised through a VS Code extension a year after GitHub committed itself to open source software security and two years after Microsoft committed itself to improved security practices. VS Code is a Microsoft product, but a VS Code extension is not necessarily a Microsoft extension. So while breach victims deserve a bit of grace, the threat to the open source ecosystem has been well established for months.

Roy Akerman, head of cloud and identity security for vendor Silverfort, tells Dark Reading that this attack happened because the trust model around developer tooling is "fundamentally broken."

"A VS Code extension runs with the same privileges as the editor itself, and once installed it has access to everything the developer can reach," he says. "There's no meaningful verification before that code executes. What makes this breach remarkable isn't the entry point, it's that TeamPCP used GitHub's own infrastructure as the weapon end to end. They leveraged compromised developer tooling and trusted release workflows to distribute malicious code, including the poisoned VS Code extension that reached a GitHub employee's machine."

Kayne McGladrey, senior member of the Institute of Electrical and Electronics Engineers (IEEE), echoed the concern about VS Code extensions running with full trust, "which means that they get access to the developer's filesystem, credentials, cloud keys, SSH keys, and environment variables."

Dark Reading contacted GitHub for additional comment.