Unbiased AI-powered news
GitHub announced a breach in which a poisoned VSCode extension allowed TeamPCP to access internal code repositories. The incident is the latest in a series of supply chain attacks attributed to the group.
Substrate placeholder — needs reviewGitHub announced Tuesday night that it had detected a breach after a developer installed a poisoned VSCode extension. The attackers accessed approximately 3,800 of the platform's internal repositories, according to GitHub's statement. All compromised repositories contained GitHub's own code rather than customer data.
TeamPCP posted on BreachForums that it was advertising GitHub's source code and internal organizations for sale.
TeamPCP has conducted 20 waves of supply chain attacks in recent months, according to cybersecurity firm Socket. The group has compromised more than 500 distinct pieces of software and their versions. The attacks follow a recurring cycle in which the group plants malware in developer tools, steals credentials, and then publishes malicious updates to additional tools.
Socket researcher Philipp Burckhardt said the group appears focused on gaining attention through high-profile targets.
Prior victims include AI company Anthropic and data firm Mercor. The group has also used a self-spreading worm called Mini Shai-Hulud that creates repositories containing stolen credentials. TeamPCP has deployed ransomware and data extortion against some targets while offering to sell stolen data to others.
The group has also established partnerships with BreachForums and DragonForce for ransomware-as-a-service operations. Wiz strategic threat intelligence lead Ben Read said each breach creates significant issues for the affected organization. Palo Alto Networks Cortex Cloud manager Nathaniel Quist said organizations should rotate authentication tokens regularly to limit exposure.
Wiz recommends delaying installation of newly published open source updates until they can be reviewed for signs of tampering.
Single source — no framing comparison available.
insurancejournal.comPreliminary data show every vessel that transited the waterway on July 12 did so without active tracking signals. Dark crossings have outnumbered observable passages in recent days as attacks reshape routes.
The War ZoneThe U.S. Army will station its ME-11B HADES aircraft and form a new unmanned aircraft system battalion at Fort Hood, Texas. The moves consolidate aerial intelligence units previously spread across multiple bases.
The IndependentResearchers identified the four-carbon sugar erythrulose in gas cloud G+0.693-0.027 using two Spanish radio telescopes. The finding adds to evidence that complex organic molecules form in interstellar space before stars and planets.