Search

bleepingcomputer.com › news › security

GitHub links repo breach to TanStack npm supply-chain attack

… GitHub revealed the breach on Tuesday, saying it was investigating claims of unauthorized access to its internal repositories and telling BleepingComputer that the incident resulted from an employee installing a malicious Visual Studio Code VS Code extension, without disclosing the extension's name. …

May 21, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

GitHub confirms breach of 3,800 repos via malicious VSCode extension

… Send your offers to the communications below, we are not interested in under 50k, the best offer will get it." ​TeamPCP was previously linked to massive supply chain attacks targeting developer code platforms, including GitHub , PyPI , NPM , and Docker , and, more recently, to the "Mini Shai-Hulud"… …

May 20, 2026 · Sergiu Gatlan