TeamPCP continues its attack on open source projects, now apparently asking for $50,000.

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...

An unauthorised group calling itself TeamPCP accessed GitHub's internal repositories, targeting VSCode extensions used by ...

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual ...

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.

GitHub, the world's biggest code repository and DevOps platform, fell victim to a malicious Visual Studio Code (VS Code) ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub has confirmed that hackers breached internal repositories through a poisoned VS Code extension after stolen source ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

A threat actor named WhiteCobra has been targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. The campaign is ...