GitHub confirmed that attackers associated with TeamPCP gained unauthorized access to thousands of the company’s internal code repositories after compromising an employee’s device through a malicious VS Code extension. Despite the scale of the GitHub cyberattack, the Microsoft-owned platform said there is currently no evidence that customer repositories or enterprise data were affected. 

The cyberattack on GitHub marks the latest operation linked to TeamPCP, a cybercriminal group that has rapidly expanded its activity through coordinated attacks on developer-focused platforms and cloud infrastructure.  
Decoding the GitHub Cyberattack 

GitHub publicly acknowledged the incident on Wedne...