A new cybersecurity breach rocked the developer community tonight, as hacker collective TeamPCP claims to have exfiltrated the source code from around 4,000 internal private repositories within GitHub.
The group is actively advertising this dataset on dark web forums with a price tag of $50,000 and includes sample files as proof of the breach to entice potential customers.
The hackers, however, go on to condition that without the sale of this database to any buyer, they will release the entire dataset for free, ratcheting up pressure on GitHub and its worldwide customers. The extent of the breach, as well as details about the internal repositories implicated in it, are a source of widespread concern among developers, enterprises and security analysts.
The information of early leaks hints that the data might include sensitive internal tools, proprietary systems as well as vital infrastructure elements found in GitHub. The situation is still developing as more details emerge.
MistEye TI Alert
Based on recent intelligence, multiple high-frequency npm packages, including AntV and Echarts-for-react, as well as the durabletask Python SDK, have been compromised by Mini Shai-Hulud supply chain attacks. Notably:
1. May 19, 2026: The npm account atool… pic.twitter.com/MKytsmFiy7
— SlowMist (@SlowMist_Team) May 20, 2026
MistEye TI Alert GitHub Confirms The Hacked and Now Investigating
The incident was reported by GitHub itself, which has confirmed that an investigation is underway into what it refers to as “unauthorized access to internal repositories.” The breach has been detected within minutes and containment measures have already been applied, the company stated.
In a detailed update, GitHub has blamed the attack on an employee device where compromised versions of Visual Studio Code extensions were installed. The attack vector was the compromised plugin, allowing intruders to penetrate internal networks before gaining access to such repositories.
GitHub comments that while investigations are still ongoing, it seems to have confined the breach to internal repositories, and has not yet had any impact on private customer repos. Regardless, the device is isolated, malicious extension uninstalled and a complete incident response workflow has taken place.
1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version,…
— GitHub (@github) May 20, 2026
Entry point identified: Poisoned VS Code extension
A compromised VS Code extension, one of the most common types of attack vector nowadays on development environments, is at the heart of this breach. The extensions are often installed for developer productivity purposes, but can pose a considerable risk if they include malicious code.
The extension is used as a backdoor which gives these attackers access to the employee’s workstation. From there, they traversed laterally through GitHub’s internal network and spent months retrieving data from various repositories before the incursion was noticed.
This is one of the most important growing weaknesses in software supply chains; trusted tools can turn into an attack vector if malignant actors hijack them. Plugins and integrations are the favorite go-to, delivery mechanism for developers along with organizations without much security vetting.
It is a reminder that even widely-trusted platforms, with extensive security measures in place, GitHub, for one, can be vulnerable to attacks through less-obvious points of entry.
Thousands Of Internal Repositories Might Be Exposed
The number of repositories the attacker claims was accessed, about 3,800, corresponds roughly with an internal GitHub investigation into the hacked accounts, although the company has not confirmed that number publicly. It acknowledges that a considerable amount of internal data could have been breached and exfiltrated.
The repositories in question are believed to house installations of major assets, such as source code for internal systems and development tools, as well frameworks supporting GitHub’s services that need to be kept secret. If the claims are proven correct, exposure could deal a heavy blow to GitHub and the wider developer ecosystem that relies on its infrastructure.
Security professionals warn that once attackers gain partial access to an internal repo, it can provide nefarious users increased context and understanding of how the system is designed, which may even aid them in crafting a more limited and effective exploit later.
— GoPlus Security
(@GoPlusSecurity) Security Experts Warn About AI-Assisted Breach Techniques
Compounding the difficulty of the incident, 23pds, chief information security officer at SlowMist has suggested that attackers may have used advanced AI tools to plan the breach. In particular, there are indications that Anthropic’s Mythos security AI was used to search the depths for holes and refine this attack.
Instead of an opportunistic attack, this view of the breach renders it a calculated operation by context-focused reconnaissance and AI-optimized execution. If confirmed, this would constitute a significant increase in the sophistication of cyberassaults.
These fears are compounded by the fact that expectations of a continued secure vaulting and protection of assets such as Copilot source code, CodeQL algorithms, and GitHub Actions runtime, core building blocks for modern software development may not develop. Which enables systemic threats as a result of their compromise.
我们@SlowMist_Team 刚刚分析网络犯罪论坛的爆料,黑客可能用Anthropic 的Mythos 安全AI,用它精准突破 GitHub 的防线,偷走约4000个核心内部仓库:
里面有Copilot的源码、CodeQL的算法、Actions运行时和整个计费系统等等太多信息了。… pic.twitter.com/gVDyEx2pHi— 23pds (山哥) (@im23pds) May 20, 2026
GitHub Rotates Secrets And Urges Users To Stay Vigilant
GitHub has acted swiftly to contain associated risks in light of the breach. The company confirms it has rotated its most critical secrets, focusing on those that have the highest possible impact to prevent further usage. Additional safeguards range from an always-on log analysis to confirming that security patches remain untouched and no anomalous activity.
GitHub noted that despite these protective measures, customers, particularly those with private repos, should stay vigilant. As a precaution, developers are advised to conduct immediate security audits, check access logs and change sensitive credentials.
It highlights the need for preemptive security best practices in an era of increasingly advanced threats. Even if breaches are limited by internal boundaries, their effects can reach far beyond the original breach.
With this investigation continuing, GitHub has committed to additional action as appropriate, and updating with more information once it’s available. For now, the focus remains on containment, transparency and bolstering defenses.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news!
