GITHUB recently experienced a significant breach linked to a compromised Visual Studio Code extension called 'Nx Console,' which allowed unauthorized access to 3,800 internal repositories. The malicious version of the extension was uploaded on May 18, 2026, by an individual masquerading as a legitimate maintainer, and it was available for about 18 minutes before being removed. It fetched a payload that harvested credentials from various sources, highlighting vulnerabilities within the software supply chain.
Following the incident, GitHub's security team acted promptly to rotate critical secrets and begin incident response while planning a more detailed report on the breach. The hacking group TeamPCP has claimed responsibility, attempting to sell the stolen data for $95,000, stating they would leak it if no buyer was found.