Full Report
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack. [...]
Analysis Summary
# Incident Report: GitHub Internal Repository Breach via Supply-Chain Injection
## Executive Summary
GitHub experienced a significant security breach resulting in the unauthorized access of approximately 3,800 internal code repositories. The incident was triggered by a developer installing a malicious version of the "Nx Console" Visual Studio Code extension, which had been compromised via a broader supply-chain attack targeting the TanStack npm ecosystem. The threat group TeamPCP has claimed responsibility, exfiltrating internal source code and attempting to ransom the data for $50,000.
## Incident Details
- **Discovery Date:** May 19, 2026 (approximate, based on forum claims/investigation start)
- **Incident Date:** May 18, 2026 (Date of malicious extension release)
- **Affected Organization:** GitHub
- **Sector:** Technology / Software Development Platform
- **Geography:** Global / Distributed
## Timeline of Events
### Initial Access
- **Date/Time:** May 18, 2026
- **Vector:** Phishing/Supply-Chain (Developer Workspace)
- **Details:** An Nx developer’s GitHub credentials were stolen via the "TanStack" npm supply-chain attack. This allowed attackers to push a malicious version (v18.95.0) of the Nx Console extension to the VS Code Marketplace and OpenVSX.
### Lateral Movement
- **Mechanism:** A GitHub employee installed the malicious Nx Console extension. The extension contained a payload designed to exfiltrate secrets and credentials from the local development environment, specifically targeting GitHub CLI (`gh`) tokens and CI/CD credentials.
### Data Exfiltration/Impact
- **Date:** May 19-20, 2026
- **Details:** Using the stolen internal credentials, attackers accessed and exfiltrated approximately 3,800 internal GitHub repositories. TeamPCP advertised the stolen data on the "Breached" cybercrime forum.
### Detection & Response
- **Discovery:** GitHub initiated an investigation following claims of unauthorized access and the disclosure of the Nx Console compromise.
- **Response Actions:** GitHub isolated the compromised device, rotated critical secrets/credentials, and began a forensic audit of logs to determine if customer data was impacted.
## Attack Methodology
- **Initial Access:** Supply-chain compromise of the `Nx Console` VS Code extension (v18.95.0).
- **Persistence:** Payload was embedded in a legitimate developer tool; persistence was likely maintained via exfiltrated long-lived CI/CD tokens.
- **Privilege Escalation:** Not explicitly stated, though stolen `gh` CLI tokens provided the permissions of the compromised employee.
- **Defense Evasion:** Malicious code was hidden within a trusted, signed extension update; the malicious version was only available for 18–36 minutes to minimize the window for automated detection.
- **Credential Access:** Automated scraping of local developer environment for npm, AWS, Kubernetes, GitHub, and GCP/Docker secrets.
- **Discovery:** Local environment reconnaissance for configuration files and secret stores.
- **Lateral Movement:** Using stolen credentials to move from a local workstation to internal GitHub cloud repositories.
- **Collection:** Bulk cloning/exporting of internal Git repositories.
- **Exfiltration:** Data sent to attacker-controlled infrastructure (presumably via the extension’s payload).
- **Impact:** Unauthorized access to proprietary source code and potential exposure of internal secrets.
## Impact Assessment
- **Financial:** Threat actors demanded $50,000; internal costs for incident response and secret rotation are significant but unquantified.
- **Data Breach:** Exposure of ~3,800 internal private repositories. No confirmed impact on customer data.
- **Operational:** Massive secret rotation exercise required for internal systems.
- **Reputational:** High; marks another successful supply-chain attack against a major security-focused tech firm.
## Indicators of Compromise
- **File indicators:** Nx Console extension version `18.95.0`.
- **Behavioral indicators:**
  - Unexpected outbound traffic from VS Code processes to unknown IP addresses.
  - Unusual repository cloning patterns from internal employee accounts.
  - Unauthorized `gh` CLI token usage from new IP ranges.
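The two account-side behavioral indicators above (unusual cloning patterns and token use from new IP ranges) can be checked mechanically against an audit log. The following is an added example, not code from GitHub or from the report: it runs over a few constructed JSON audit events with assumed field names (`ts`, `actor`, `action`, `ip`, `repo`), a constructed per-actor baseline of known egress ranges, and an arbitrary clone-burst threshold. GitHub's real audit log schema and sensible thresholds differ per environment.

```python
"""Added example: flag clone bursts and off-baseline IP usage in audit events.
Field names, baseline ranges and thresholds are assumptions for illustration."""
import json
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed baseline: address ranges each actor normally works from (office/VPN egress).
KNOWN_RANGES = {
    "alice": [ip_network("203.0.113.0/24")],
    "bob": [ip_network("198.51.100.0/24")],
}

CLONE_THRESHOLD = 50              # distinct repos per window before it counts as a burst
CLONE_WINDOW = timedelta(minutes=10)

# Constructed sample audit events, one JSON object per line:
# a normal clone by alice, 60 clones of distinct repos by bob inside six minutes
# from an address outside bob's baseline, and a token use by alice from a new address.
SAMPLE_LOG = "\n".join(
    [json.dumps({"ts": "2026-05-19T10:00:00Z", "actor": "alice", "action": "git.clone",
                 "ip": "203.0.113.7", "repo": "internal/api"})]
    + [json.dumps({"ts": f"2026-05-19T11:{i // 10:02d}:{(i % 10) * 6:02d}Z", "actor": "bob",
                   "action": "git.clone", "ip": "192.0.2.55", "repo": f"internal/repo-{i}"})
       for i in range(60)]
    + [json.dumps({"ts": "2026-05-19T12:00:00Z", "actor": "alice", "action": "oauth_token.use",
                   "ip": "192.0.2.9", "repo": ""})]
)


def parse_events(log_text):
    """Parse JSON lines into dicts with a datetime 'ts', sorted chronologically."""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def flag_new_ip_usage(events):
    """Count events per (actor, ip) where the ip is outside the actor's known ranges.
    Covers both token use and clones from unfamiliar address space."""
    counts = defaultdict(int)
    for ev in events:
        addr = ip_address(ev["ip"])
        if not any(addr in net for net in KNOWN_RANGES.get(ev["actor"], [])):
            counts[(ev["actor"], ev["ip"])] += 1
    return dict(counts)


def flag_clone_bursts(events):
    """Actors whose peak count of distinct repos cloned inside any CLONE_WINDOW-long
    sliding window exceeds CLONE_THRESHOLD; returns {actor: peak}."""
    per_actor = defaultdict(list)
    for ev in events:
        if ev["action"] == "git.clone":
            per_actor[ev["actor"]].append(ev)
    findings = {}
    for actor, evs in per_actor.items():
        start, peak = 0, 0
        for end in range(len(evs)):
            # Advance the window start until it spans at most CLONE_WINDOW.
            while evs[end]["ts"] - evs[start]["ts"] > CLONE_WINDOW:
                start += 1
            peak = max(peak, len({e["repo"] for e in evs[start:end + 1]}))
        if peak > CLONE_THRESHOLD:
            findings[actor] = peak
    return findings


def run(log_text=SAMPLE_LOG):
    events = parse_events(log_text)
    return {"new_ip": flag_new_ip_usage(events), "clone_bursts": flag_clone_bursts(events)}


if __name__ == "__main__":
    for kind, hits in run().items():
        print(kind, hits)
```

The two checks are deliberately independent: a clone burst from a known address still trips the first, and a single token use from an unfamiliar range still trips the second, so an attacker who throttles cloning does not also silence the IP signal.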
## Response Actions
- **Containment:** Secured/Isolated the compromised developer workstation.
- **Eradication:** Nx team pulled v18.95.0 from the VS Code Marketplace and OpenVSX.
- **Recovery:** Mass rotation of critical secrets and GitHub internal infrastructure credentials.
- **Monitoring:** Enhanced logging and monitoring for any follow-on activity using rotated credentials.
## Lessons Learned
- **Extension Risk:** VS Code extensions occupy a high-privilege position in the developer environment and are a primary target for supply-chain attacks.
- **Token Sensitivity:** CLI tools (like `gh`) often store high-privilege tokens in plain text or easily accessible local stores.
- **Rapid Response:** Even an 18-minute window of availability for a malicious package is sufficient to compromise major enterprises.
## Recommendations
- **Extension Whitelisting:** Implement organizational policies to restrict VS Code extensions to a pre-approved, audited list.
- **Short-lived Tokens:** Transition to short-lived, identity-based credentials for CLI and CI/CD operations rather than persistent tokens.
- **Endpoint Detection (EDR):** Deploy EDR tools capable of monitoring IDE (Integrated Development Environment) child processes for suspicious network activity.
- **Secrets Scanning:** Aggressively scan internal repositories for any credentials that may have been committed, as these are now in the hands of threat actors.
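The extension whitelisting recommendation above can be verified on endpoints independently of the editor's own policy mechanism. The following is an added example, not code from GitHub, Nx or the report: it reads each installed extension's `package.json` from a directory laid out like VS Code's `<publisher>.<name>-<version>/` extensions folder, compares it against an allowlist of approved versions, and separately flags the incident's known-bad version. The extension identifiers in the allowlist and sample tree are placeholders; the `18.95.0` version comes from the report. The script builds a throwaway sample tree so it runs offline; point `audit_extensions` at a real extensions directory to use it for an inventory check.

```python
"""Added example: audit installed VS Code extensions against an allowlist and a
known-bad version list. Extension ids below are placeholders, not real marketplace ids."""
import json
import tempfile
from pathlib import Path

# Constructed allowlist: extension id (publisher.name, lowercase) -> approved versions.
ALLOWLIST = {
    "example-publisher.nx-console": {"18.94.0"},
    "example-publisher.python-tools": {"2.1.0", "2.1.1"},
}

# Known-bad versions: the malicious Nx Console release in the incident was 18.95.0.
KNOWN_BAD = {"example-publisher.nx-console": {"18.95.0"}}


def read_extension_manifest(ext_dir):
    """Return (extension_id, version) from an extension directory's package.json,
    or None if the directory has no manifest."""
    manifest = Path(ext_dir) / "package.json"
    if not manifest.is_file():
        return None
    data = json.loads(manifest.read_text())
    ext_id = f"{data.get('publisher', '?')}.{data.get('name', '?')}".lower()
    return ext_id, data.get("version", "?")


def audit_extensions(extensions_root):
    """Map 'id@version' -> status, where status is one of
    'known-bad', 'not-allowlisted', 'unapproved-version' or 'ok'.
    Known-bad is checked first so it wins even if someone allowlists that version."""
    results = {}
    for entry in sorted(Path(extensions_root).iterdir()):
        if not entry.is_dir():
            continue
        parsed = read_extension_manifest(entry)
        if parsed is None:
            continue
        ext_id, version = parsed
        if version in KNOWN_BAD.get(ext_id, set()):
            status = "known-bad"
        elif ext_id not in ALLOWLIST:
            status = "not-allowlisted"
        elif version not in ALLOWLIST[ext_id]:
            status = "unapproved-version"
        else:
            status = "ok"
        results[f"{ext_id}@{version}"] = status
    return results


def build_sample_tree():
    """Construct a throwaway extensions directory mirroring VS Code's
    <publisher>.<name>-<version>/package.json layout (sample data, not a real install)."""
    root = tempfile.mkdtemp(prefix="vscode-ext-")
    samples = [
        ("example-publisher", "nx-console", "18.95.0"),   # the known-bad version
        ("example-publisher", "nx-console", "18.94.0"),   # approved
        ("example-publisher", "python-tools", "2.0.9"),   # allowlisted id, unapproved version
        ("unknown-publisher", "theme-pack", "1.0.0"),     # not on the allowlist at all
    ]
    for publisher, name, version in samples:
        ext_dir = Path(root) / f"{publisher}.{name}-{version}"
        ext_dir.mkdir()
        (ext_dir / "package.json").write_text(
            json.dumps({"publisher": publisher, "name": name, "version": version}))
    return root


if __name__ == "__main__":
    for ext, status in audit_extensions(build_sample_tree()).items():
        print(f"{status:18} {ext}")
```

Pinning approved versions rather than just publisher ids is what makes this useful against the pattern in the report: the malicious release shipped under the legitimate publisher and name, so an id-only allowlist would have passed it.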