GitHub has confirmed the unauthorized access and exfiltration of approximately 3,800 of its internal development repositories. The breach was orchestrated by the financially motivated cybercrime group TeamPCP, who exploited a trojanized Microsoft Visual Studio Code (VS Code) extension installed on a privileged employee's device.
The stolen source code was reportedly offered for sale on a cybercrime forum. GitHub has stated there is currently no evidence that customer data or data stored outside these internal repositories was compromised. The incident highlights the escalating risk to developer environments and underscores the sophistication of TeamPCP's broader "Mini Shai-Hulud" supply chain campaign.
Incident Summary and Root Cause
The breach originated when a GitHub employee installed a malicious, trojanized extension in their Microsoft Visual Studio Code environment. Once installed, the extension executed malware that allowed TeamPCP to compromise the device and exfiltrate sensitive internal assets.
- Trigger Vector: Installation of a poisoned VS Code extension from the official marketplace (which was subsequently removed).
- Threat Actor: The group TeamPCP claimed responsibility for the breach and is selling the stolen data on a dark web forum with a minimum price of $50,000.
- Remediation: GitHub immediately secured the affected employee device, removed the malicious extension from the VS Code Marketplace, and began investigating the scope of the unauthorized access.
Impact Assessment
GitHub has assessed the impact and confirmed the following:
- Internal Repositories: Approximately 3,800 internal GitHub repositories were exfiltrated. These contain internal development assets, private source code, and proprietary tools.
- Customer Data: There is no evidence that customer data, production systems, or data stored outside of the affected internal repositories were compromised.
- Containment: The breach appears to be strictly contained to the internal development assets of GitHub and does not impact the broader platform's integrity or third-party customer data.
The Broader "Mini Shai-Hulud" Campaign
This incident highlights the broader and well-documented risk posed by software supply chain attacks targeting developer environments, package ecosystems, and CI/CD pipelines. Threat actors are increasingly focusing on these vectors due to their ability to provide indirect access to source code, credentials, and production environments.
Commonly observed techniques in supply chain attacks include:
- Compromise of Developer Tooling: Malicious or trojanized extensions, plugins, or dependencies can be used to gain initial access to developer workstations and associated resources.
- Package Ecosystem Abuse: Attackers may publish or modify packages in public registries (e.g., npm, PyPI) to introduce malicious code, often leveraging compromised maintainer accounts or typosquatting techniques.
- Abuse of CI/CD Pipelines: Continuous integration and deployment systems are targeted to access build artifacts, inject malicious code, or extract sensitive credentials such as API tokens and secrets.
- Credential Access and Exfiltration: Malware deployed via supply chain vectors frequently targets sensitive data, including access tokens, SSH keys, and cloud credentials, which can then be used for lateral movement or persistence.
Recommendations
In light of this breach and the ongoing "Mini Shai-Hulud" campaign, organizations must immediately harden their developer environments and supply chain defenses. The following actions are recommended:
- Audit Third-Party Extensions: Strictly audit and manage all third-party extensions installed in development environments, particularly for high-privilege accounts. Remove any non-essential or unrecognized VS Code extensions immediately.
- Implement Application Control Policies: Deploy application control policies to enforce the allow-listing of approved VS Code extensions. Block the installation of extensions from unknown or unverified publishers.
- Monitor Developer Workstations: Enhance endpoint detection and response (EDR) monitoring for developer workstations. Look for unauthorized access attempts, unusual network traffic, or connections to known TeamPCP Command & Control (C2) servers originating from IDE processes.
- Review Internal Repository Access: Review access controls for internal repositories, enforcing the principle of least privilege. Ensure that high-value internal assets are strictly segmented from standard developer workflows.
- Understand TeamPCP TTPs: Be vigilant against TeamPCP's Tactics, Techniques, and Procedures (TTPs), specifically supply chain compromises and credential exfiltration.
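
One way to carry out the extension audit and allow-listing recommendations above is to compare what the VS Code CLI reports as installed against an approved list. This is an added example, not code from GitHub or from the bulletin's author; the allow-list format, the extension IDs and versions, and the sample listing are constructed for illustration.

```python
import subprocess

# Hypothetical allow-list: extension ID (lowercase) -> approved versions (None = any).
# IDs and versions are constructed for illustration.
ALLOWLIST = {
    "ms-python.python": None,
    "example-corp.internal-linter": {"2.1.0", "2.1.1"},
}

# Constructed sample of `code --list-extensions --show-versions` output.
SAMPLE_OUTPUT = """\
ms-python.python@2024.2.1
Example-Corp.internal-linter@2.0.9
unknown-publisher.theme-pack@0.0.3
"""

def parse_extensions(listing):
    """Return {lowercased extension ID: version} from 'publisher.name@version' lines."""
    installed = {}
    for line in listing.splitlines():
        line = line.strip()
        if not line or "@" not in line:
            continue  # skip blank lines and anything that is not an extension entry
        ext_id, _, version = line.rpartition("@")
        installed[ext_id.lower()] = version  # compare IDs case-insensitively
    return installed

def audit(installed, allowlist):
    """Report extensions that are not approved, or approved only at other versions."""
    findings = {"unapproved": [], "version_mismatch": []}
    for ext_id, version in sorted(installed.items()):
        if ext_id not in allowlist:
            findings["unapproved"].append(f"{ext_id}@{version}")
        elif allowlist[ext_id] is not None and version not in allowlist[ext_id]:
            findings["version_mismatch"].append(f"{ext_id}@{version}")
    return findings

def installed_from_cli():
    """Query the local VS Code CLI; requires `code` on PATH."""
    out = subprocess.run(["code", "--list-extensions", "--show-versions"],
                         capture_output=True, text=True, check=True).stdout
    return parse_extensions(out)

if __name__ == "__main__":
    # Swap parse_extensions(SAMPLE_OUTPUT) for installed_from_cli() on a workstation.
    report = audit(parse_extensions(SAMPLE_OUTPUT), ALLOWLIST)
    for kind, items in report.items():
        for item in items:
            print(f"{kind}: {item}")
```

Pinning approved versions matters as much as pinning IDs, since an extension that was clean when approved can ship a malicious update later.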
