GitHub Breached After Employee Installs Malicious VS Code Extension

GitHub has confirmed a significant security breach affecting approximately 3,800 internal repositories. The cause? One of its own employees installed a malicious Visual Studio Code extension.

A hacking group called TeamPCP has claimed responsibility for the attack. The incident highlights a growing and uncomfortable attack vector — supply chain compromises targeting developer tools themselves.

VS Code extensions run with broad permissions inside one of the most widely used code editors on the planet. A single poisoned extension, installed by someone with internal access, was enough to crack open thousands of repos at one of the world's largest code hosting platforms.

The breach is a stark reminder that even companies at the center of the software development ecosystem aren't immune to social engineering and tool-chain attacks. GitHub has not yet detailed what data was exposed or what remediation steps are underway.