GitHub says hackers stole data from thousands of internal repositories

GitHub disclosed a breach in which a poisoned Visual Studio Code extension compromised an employee device and led to theft of data from roughly 3,800 internal code repositories; GitHub says there is no evidence of impact to customer data stored outside internal repositories. Reports indicate the hacking group TeamPCP has claimed responsibility and is selling the stolen data, and the incident is linked to a broader trend of attackers targeting developer tooling and open-source supply chains (examples include prior compromises involving Trivy, TanStack, and the European Commission).