GitHub confirms breach of 3,800 repos via malicious VSCode extension
ID: 90a6c12a-0d37-5e04-a587-115c1c931d22
STIX ID: report--90a6c12a-0d37-5e04-a587-115c1c931d22
Feed Name: Bleeping Computer
GitHub detected and contained a compromise of an employee device caused by a malicious (trojanized) VS Code extension that exfiltrated approximately 3,800 internal repositories. GitHub removed the extension, isolated the endpoint, and is investigating, while the TeamPCP group publicly claimed the theft and attempted to sell the data. The report places this incident in the context of prior malicious VS Code extensions and supply-chain attacks targeting developer platforms, noting GitHub's widespread use and potential impact.
