IT Services Circle

May 21, 2026 · Information Security

Did the GitHub Breach Aim to ‘Fix’ Availability? Inside the TeamPCP Attack

In May 2026 GitHub disclosed that a malicious VS Code extension installed on an employee’s machine led to the theft of roughly 3,800 private repositories by the threat group TeamPCP, which demanded $50 k for the data, claimed the breach was about availability, and later expanded the campaign into a supply‑chain worm targeting PyPI packages and cloud credentials.