The threat actor TeamPCP compromised GitHub's internal repositories by using a poisoned Visual Studio Code extension as the attack vector. GitHub has confirmed the exfiltration of internal repositories, which is directionally consistent with the attacker's claim of approximately 3,800 repositories. The article does not provide sufficient technical details regarding specific vulnerable software versions, a CVSS score, a fixed version, or a workaround.
Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise.

“Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far,” GitHub stated.

The source of the breach

The company previously said that they have no evidence that customer information stored outside of GitHub’s internal repositories was …

The post TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension appeared first on Help Net Security.