GitHub Confirms Breach via Malicious VS Code Extension

📌 GitHub confirmed a breach of its internal repositories via a malicious Visual Studio Code (VS Code) extension. The attack was claimed by the threat group TeamPCP, though GitHub has not explicitly attributed the incident to them. The breach involved unauthorized access to internal code repositories, though the exact scope and data compromised remain undisclosed. No specific technical details, such as CVE IDs, dates, or affected systems, were provided in the report. The incident highlights risks associated with third-party extensions in development environments. The source of the breach was traced to the compromised VS Code extension.