
2 Days Left: XRP Amendment With Rare 100% Consensus Eyes Activation
XRP's 'fixCleanup3_1_3' amendment achieves 100% consensus, activating soon!

Hackers breached GitHub's internal repositories by exploiting a tainted VS Code extension on an employee's computer. A group named TeamPCP is allegedly selling around 4,000 private repositories for at least $50,000.
Mentioned in this story
Earlier today, hackers gained access to GitHub’s internal repositories by exploiting an employee’s computer with the use of a tainted VS Code extension.
Following the incident, reports emerged that a threat actor using the alias TeamPCP was now allegedly selling what they claim is roughly 4,000 of GitHub’s private repositories on a cybercriminal forum, with a minimum asking price of $50,000.
GitHub confirmed the breach through several tweets posted on its X account, where it detailed what it knew thus far. As per the hosting platform, the attacker gained access to its internal repository via a malicious extension of VS Code loaded onto one of the devices of its employees.
GitHub claims that once it realized there was an attack, it promptly deleted the malicious software from the infected machine. Critically, it pointed out that there is currently no evidence that customer data held outside its internal systems, meaning individual users’ enterprises, organizations, or repositories, was accessed.
The hosting service also confirmed it moved quickly to rotate credentials, moving the highest-impact secrets first. It will also be examining logs to see whether there has been any additional activity, and it will be providing more details on the matter after the investigation concludes.
Meanwhile, French researcher Sébastien Latombe flagged a listing on a criminal message board by a threat actor calling themselves “TeamPCP,” claiming to be the one behind the hack, containing mentions of repositories related to GitHub Actions, GitHub Enterprise, GitHub Copilot, Azure, CodeQL, billing, and authentication services.
Allegedly, they are not looking to ransom GitHub but want a single buyer for the stolen data, with the minimum asking price being $50,000.
However, it must be noted that there has been no official confirmation of the content in the forum listing from GitHub or Microsoft, and any claims made in such cybercriminal sites may be taken with a pinch of salt, as any data they provide in such cases may be out of date or overblown to inflate its perceived value.
The reaction online to the breach was swift, with Binance co-founder Changpeng Zhao (CZ) posting a direct message to crypto developers:
Hackers gained access by exploiting a tainted VS Code extension installed on an employee's computer.
The group is using the alias TeamPCP and claims to be selling approximately 4,000 private repositories.
The minimum asking price for the stolen repositories is $50,000.
GitHub stated there is currently no evidence that customer data outside its internal systems was accessed.

XRP's 'fixCleanup3_1_3' amendment achieves 100% consensus, activating soon!

US Treasury imposes sanctions on Sinaloa Cartel associates for crypto money laundering.

Analyst Highlights Ethereum 'Kill Zone' for Optimal Buying

Bitcoin may enter a critical pullback phase if it falls below $74,929.

XRP sees whale accumulation amid market uncertainty, down 5% this week.

Bitcoin may be poised for outperformance against stocks and bonds as inflation persists and bond markets weaken, according to Mark Connors. After a historic 142-day underperformance against the S&P 500, bitcoin is now in a consolidation phase shifting towards outperformance.
See every story in Crypto — including breaking news and analysis.
“If you have API keys in your code, even private repos, now is the time to double check and change them.”
The replies painted a familiar picture of an industry-wide problem. Topaz DEX founder Aaron Shames called it “bad practice to have API keys in any repo, private or not,” though he acknowledged the heads-up.
Others pointed out that for builders managing hundreds of keys across projects, this is not a simple fix.
“This entire practice of key storage needs an update,” wrote digital artist Tuteth_.
Security commentator Dhanush Nehru went further:
“No one knows what all permissions each VS Code extension owns. The cybersecurity threat landscape is scary.”
The timing of this incident also contributed to pre-existing worries about crypto security following multiple high-profile hacks this month, which included an attack on Echo Protocol, where hackers managed to mint $76.7 million worth of eBTC.
That particular incident came just days after two other multimillion-dollar attacks were carried out on THORChain and the Verus-Ethereum Bridge.
This spate of events has led to renewed debates on the issues of code verification and software supply chain vulnerabilities, where Vitalik Buterin asserts that with the help of AI, formal verification can make software safer by mathematically proving its behavior.