Code internet hosting platform GitHub disclosed that it suffered an information breach final week as a part of a software program provide chain assault carried out by hackers.
The assault was traced again to a GitHub developer, who had put in a ‘poisoned’ extension for VSCode, which serves as a plug-in for a generally used code editor that can be owned by Microsoft. In its assertion confirming the information breach, GitHub mentioned at the least 3,800 inside repositories had been compromised by the hackers. Nevertheless, the affected repositories solely contained GitHub’s personal code and didn’t have an effect on prospects’ information.
The hackers behind the GitHub breach are extensively believed to be TeamPCP, an more and more infamous group of cybercriminals that perform software program provide chain assaults, the place a whole bunch of open-source instruments are corrupted and victims extorted for revenue.
“We’re right here at present to promote GitHub’s supply code and inside orgs on the market. Every part for the principle platform is there and I’m very joyful to ship samples to consumers to confirm absolute authenticity,” TeamPCP wrote on BreachForums, a discussion board and market for cybercriminals, following the breach.
The GitHub breach is the most recent in a string of software program provide chain assaults allegedly linked to the rising hacker group, elevating questions on the way to use open-source software program safely. Right here’s the whole lot it’s essential learn about TeamPCP.
Who’s TeamPCP?
TeamPCP emerged in late 2025, when it exploited cloud misconfigurations and a vulnerability within the net app improvement instrument Subsequent.js to deploy a botnet for assaults like credential theft and cryptocurrency mining. The group of hackers relied closely on worms to seize static credentials and authentication tokens to bore deeper into victims’ methods.
TeamPCP’s web page on the darkish net hyperlinks to ‘enterprise contacts, which might probably be used to hold out ransom negotiations. The webpage options Matrix-style cascading ones and zeros, together with the phrases ‘TEAMPCP: The Cats Hijacking Your Provide Chains’ with a reggae fusion soundtrack within the background, in response to a report by Wired.
Story continues beneath this advert
The group’s assaults seem like financially motivated because it usually targets victims by deploying ransomware or finishing up information extortion campaigns. It has additionally expressed willingness to promote victims’ information to any purchaser.
“This isn’t a ransom. We don’t care about extorting GitHub, 1 purchaser and we shred the information on our finish […] It appears to be like like our retirement is quickly so if no purchaser is discovered we are going to leak it free,” TeamPCP reportedly wrote in its BreachForums submit almost about the GitHub breach.
TeamPCP is believed to have transitioned to a ransomware-as-a-service mannequin in April this yr by establishing partnerships with extensively identified cybercriminal platforms equivalent to BreachForums and DragonForce.
What’s TeamPCP’s modus operandi?
Merely put, a software program provide chain assault is when hackers corrupt a legit piece of software program to cover their very own malicious code. It threatens to show any harmless utility right into a harmful foothold in a sufferer’s community, thereby sowing a brand new stage of mistrust throughout the ecosystem.
Story continues beneath this advert
TeamPCP reportedly depends on a cyclical exploitation of software program builders. First, the hackers achieve entry to a community the place an open-source instrument generally utilized by coders is being developed. They then plant malware within the open-source instrument that can be used to compromise different software program builders’ machines, together with these builders creating different software program instruments for coders.
The malware permits TeamPCP to steal credentials which, in flip, lets them publish malicious variations of these software program improvement instruments. The breached community grows because the cycle repeats. TeamPCP’s hackers have additionally reportedly automated a lot of its software program provide chain assaults with a self-spreading worm referred to as ‘Mini Shai-Hulud’ – seemingly a reference to the favored sci-fi novel and film sequence, Dune.
Encrypted credentials in GitHub repositories created by the worm reportedly carry the phrase: ‘A Mini Shai-Hulud Has Appeared’. In September 2025, the same provide chain assault involving self-spreading malware reportedly carried the identical phrase.
Who has been focused by TeamPCP?
Over the previous few months, TeamPCP has carried out 20 waves of provide chain assaults which have hidden malware in additional than 500 distinct items of software program, in response to cybersecurity agency Socket. With these tainted items of code, TeamPCP has focused and breached a whole bunch of corporations that put in the software program, in response to Ben Learn, the top of strategic menace intelligence at cloud safety agency Wiz.
Story continues beneath this advert
Earlier than GitHub, TeamPCP is alleged to have been behind assaults focusing on OpenAI and information contracting agency Mercor. The hackers are mentioned to have embedded an infostealer within the open supply safety scanner Trivy after which used stolen credentials from this assault to compromise sure variations of the AI utility programming interface (API) instrument referred to as LiteLLM that’s hosted on the favored Python software program repository PyPI.
Net utility safety agency Checkmarx, net app library TanStack, and enterprise AI platform Mistral are only a few different corporations which have been focused by TeamPCP in provide chain assaults. It was additionally reportedly behind the latest information breach affecting the European Fee’s public web site.
How can organisations defend themselves?
Consultants imagine that organisations can defend themselves from TeamPCP’s provide chain assaults to a sure diploma by maintaining safety “hygiene” practices that rigorously handle authentication tokens and impose entry restrictions wherever attainable.
It is usually really helpful to vary or rotate tokens even if you’re not utilizing the packages which have been compromised. Different potential safeguards embody bringing age-gating updates to open-source instruments. Safety updates should be vetted and put in reasonably than instantly updating to code that has been newly printed and could also be malicious.