GitHub confirmed on May 20 that approximately 3,800 internal code repositories were exfiltrated after an employee installed a poisoned Visual Studio Code (VS Code) extension, the latest intrusion attributed to TeamPCP, a hacking group formally tracked by Google Threat Intelligence Group (GTIG) as UNC6780.
GitHub stated in posts on X that it detected and contained the compromise, removed the malicious extension version, isolated the affected endpoint, and rotated critical credentials, prioritizing the highest-impact secrets first.
“We continue to analyze logs, validate secret rotation, and monitor for any follow-on activity,” the company said. GitHub added that it had no evidence that customer data stored outside of its internal repositories was impacted and said it would publish a full report when the investigation concludes.
TeamPCP advertised the allegedly stolen data on the Breached cybercrime forum for at least $50,000 and stated that the listing was not a ransom demand. GitHub confirmed that TeamPCP’s reported figure of approximately 3,800 affected repositories was “directionally consistent” with its investigation.
The extension involved in the breach is believed to be Nx Console version 18.95.0, a VS Code tool with more than 2.2 million installs used to manage JavaScript development workflows.
Nx Chief Executive Officer Jeff Cross said on X that while Microsoft initially indicated 28 installs of the malicious version, Nx’s own analytics place the number of potentially affected users above 6,000.
Aikido Security researcher Mackenzie Jackson said TeamPCP has compromised Trivy, Checkmarx, Bitwarden CLI, TanStack, and GitHub in 2026, all through developer tooling. “A single VS Code extension on one employee’s machine was enough to get access to 3,800 internal GitHub repositories,” Jackson said. “Most security teams still have zero visibility into what extensions or packages are on their developers’ machines. That’s the blind spot these attacks keep walking through.”







