NewsNTech
Decompiled: A Poisoned VS Code Extension Cracked GitHub's Internal Repos A collective calling itself TeamPCP is shopping around what it says is the source code from roughly 4,000 GitHub-internal private repositories.
The asking price on dark-web forums is $50,000, with a "if nobody buys, everything drops free" deadline pressure tactic stapled on.
GitHub has confirmed the unauthorized access and pointed at a familiar weak link in the modern dev stack: a poisoned IDE plugin. Behind the meter, the attack chain looks painfully ordinary.
An employee installed a compromised version of a Visual Studio Code extension. That extension carried code that turned the workstation into a foothold.
Keep reading