Followed topics

Visual Studio Code

More context

Multiple reports say a malicious VS Code extension was used to compromise and exfiltrate data from about 3,800 internal GitHub repositories. Attackers associated with TeamPCP allegedly targeted developers and attempted to sell stolen source code for $50,000.

Context

The Register View all sources →

Also known as vs code·vscodium·code - oss·vs code extension·vs code insider

0.7 Activity score down · 2d

4.0 Peak score 3d window

Negative Sentiment

4 Sources · 4 signals

3h ago Last updated · next ~11:00

3d First on radar

GitHub ~3,800 internal repos compromised through a malicious VS Code extension · 1d ago

Key Takeaway A poisoned VS Code extension is linked to large-scale compromise and data theft from roughly 3,800 internal GitHub repositories.

AI summary · grounded in cited sources

Sources

The Register View all sources →

VS Code supply chain GitHub repo exfiltration Malicious developer plugins vs code vscodium

Negative 12/100

Themes

GitHub repo exfiltration

+2 adjacent themes

VS Code supply chain Malicious developer plugins

AI Brief

A poisoned VS Code extension is linked to large-scale compromise and data theft from roughly 3,800 internal GitHub repositories.

Multiple reports say a malicious VS Code extension was used to compromise and exfiltrate data from about 3,800 internal GitHub repositories. Attackers associated with TeamPCP allegedly targeted developers and attempted to sell stolen source code for $50,000.

Trending Activity ▼ -2.6 24h

Trend score · left axis Sentiment score · right axis

Live Wire

Top 2 signals · A poisoned VS Code extension is linked to large-scale

r/netsec · 1d ago

GitHub ~3,800 internal repos compromised through a malicious VS Code extension

The Register · 2d ago

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

Broader Visual Studio Code coverage

Other Visual Studio Code activity — not part of the “A poisoned VS Code extension is linked to large-scale” story

Neowin · 1d ago

Microsoft just removed major "friction" from VS Code in its latest weekly update

Briefing Findings · A poisoned VS Code extension is linked to large-scale

Story-specific findings extracted from this briefing's coverage. Fast Facts in the sidebar holds the canonical reference data (CEO, founded, ticker).

affected repos about 3,800 internal GitHub repositories

attack vector poisoned/malicious VS Code extension

threat actor claim TeamPCP claimed the source code theft

outcome internal repos exfiltrated after the extension attack

What to Watch

Check your VS Code extension inventory for the specific malicious extension name reported in coverage.
Follow GitHub security updates and advisories for any official follow-ups tied to this VS Code extension incident. The Register

What Changed

GitHub ~3,800 internal repos compromised through a malicious VS Code extension Tom's Hardware
Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims source code theft and attempts $50,000 sale, employee installed malicious VS Code extension Tom's Hardware
GitHub says internal repos exfiltrated after poisoned VS Code extension attack The Register

Source-backed brief 2 articles across 2 publications · brief is source backed Show all sources

r/netsec · 1 article

GitHub ~3,800 internal repos compromised through a malicious VS Code extension

The Register · 1 article

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

Broader Visual Studio Code coverage · not part of the A poisoned VS Code extension is linked to large-scale story

Neowin · 1 article

Microsoft just removed major "friction" from VS Code in its latest weekly update

Latest from across the web

External coverage we have crawled and indexed for this topic.

View all 5 signals →

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security risks surrounding modern development environments.

1d ago Hilbert Hagedoorn

Microsoft just removed major "friction" from VS Code in its latest weekly update

If you are tired of installing endless extensions just to view basic projects, Microsoft's new built-in tools for Visual Studio Code are going to completely change your workflow.

20h ago Paul Hill

What each outlet is saying

Source-by-source view of what publications and communities are surfacing right now.

r/netsec Community · 1 article

Tracking: GitHub ~3,800 internal repos compromised through a malicious VS Code extension

GitHub ~3,800 internal repos compromised through a malicious VS Code extension

Neowin 1 article

Tracking: Microsoft just removed major "friction" from VS Code in its latest weekly update

Microsoft just removed major "friction" from VS Code in its latest weekly update

Tom's Hardware 1 article

Tracking: Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims source code theft and attempts $50,000 sale, employee installed malicious VS Code extension

Hacker group hits 3,800 internal GitHub repositories via poisoned developer plugin — TeamPCP claims source code theft and attempts $50,000 sale, employee installed malicious VS Code extension

The Register 1 article

Tracking: GitHub says internal repos exfiltrated after poisoned VS Code extension attack

GitHub says internal repos exfiltrated after poisoned VS Code extension attack

Discovery

Videos

Topic-matched media from the channels we track

Cursor ditches VS Code, but not everyone is happy... Fireship 46d ago

Share & embed Quotables, social share, embed snippet

Share

Quotables · click to copy

Verbatim claims you can cite from the briefing. Each quote is sourced from indexed coverage — paste into your own writing or social.

Embed widget

<script src="https://ttek2.com/embed/pulse/visual-studio-code" async></script>