{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/mistral-ai-npm-packages/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":["TeamPCP"],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Nx Console","github.com","Visual Studio Code Marketplace","OpenVSX","GitHub CLI","TanStack npm packages","Mistral AI npm packages","UiPath","Guardrails AI","OpenSearch"],"_cs_severities":["high"],"_cs_tags":["supply-chain","vscode","npm","github","credential-theft"],"_cs_type":"threat","_cs_vendors":["GitHub","Microsoft","TanStack","Mistral AI","UiPath","Guardrails AI","OpenSearch"],"content_html":"\u003cp\u003eOn May 21, 2026, GitHub revealed that a breach affecting 3,800 internal repositories occurred due to a supply chain attack. This attack, attributed to the TeamPCP threat group, originated with the compromise of TanStack npm packages and quickly spread to other projects including UiPath, Guardrails AI, and OpenSearch. The initial compromise involved a malicious version of the Nx Console Visual Studio Code (VS Code) extension. The attacker gained access by compromising a developer\u0026rsquo;s machine, stealing credentials, and exploiting the GitHub CLI (gh) to run workflows on the GitHub repository as a contributor. While GitHub has secured the compromised device and rotated critical secrets, the incident highlights the significant risks associated with supply chain attacks targeting developer tools and code repositories.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker compromises the TanStack npm packages in a supply chain attack.\u003c/li\u003e\n\u003cli\u003eA developer installs the malicious Nx Console (version 18.95.0) VS Code extension from the Visual Studio Marketplace or OpenVSX.\u003c/li\u003e\n\u003cli\u003eThe malicious extension executes a payload designed to steal credentials and secrets for platforms like npm, AWS, Kubernetes, GitHub, and GCP/Docker.\u003c/li\u003e\n\u003cli\u003eThe compromised developer\u0026rsquo;s GitHub credentials are leaked through the GitHub CLI (gh).\u003c/li\u003e\n\u003cli\u003eThe attacker uses the stolen GitHub credentials to authenticate and run workflows on the GitHub repository.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to approximately 3,800 of GitHub\u0026rsquo;s internal repositories.\u003c/li\u003e\n\u003cli\u003eThe attacker exfiltrates source code and other sensitive data from the breached repositories.\u003c/li\u003e\n\u003cli\u003eTeamPCP attempts to sell the stolen data for at least $50,000 on the Breached forum.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation resulted in the unauthorized access to approximately 3,800 of GitHub\u0026rsquo;s internal repositories. The attacker, TeamPCP, is attempting to sell the stolen data, including source code, for at least $50,000. This breach could lead to the exposure of sensitive internal code, security vulnerabilities, and proprietary information, potentially impacting GitHub\u0026rsquo;s competitive advantage and the security of its platform. The incident underscores the increasing risk of supply chain attacks targeting developer tools and the need for robust security measures to protect against compromised dependencies.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor VS Code extension installations and deployments for suspicious activity, focusing on extensions related to Nx Console or TanStack, using a process creation rule (see \u0026ldquo;Detect Suspicious VS Code Extension Execution\u0026rdquo;).\u003c/li\u003e\n\u003cli\u003eImplement multi-factor authentication (MFA) for all developer accounts and regularly rotate credentials for critical services such as npm, AWS, Kubernetes, GitHub, and GCP/Docker.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Credential Theft via Malicious VS Code Extension\u0026rdquo; to identify attempts to steal credentials using known malicious file names or file paths.\u003c/li\u003e\n\u003cli\u003eMonitor network connections originating from VS Code extensions to detect unauthorized data exfiltration or communication with suspicious domains or IP addresses.\u003c/li\u003e\n\u003cli\u003eReview and harden CI/CD pipelines to prevent the use of stolen credentials, focusing on securing access to sensitive resources and monitoring for unauthorized workflow executions.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-21T06:54:47Z","date_published":"2026-05-21T06:54:47Z","id":"https://feed.craftedsignal.io/briefs/2026-05-github-repo-breach/","summary":"GitHub experienced a breach affecting 3,800 internal repositories due to a supply chain attack targeting TanStack npm packages; the attacker compromised an employee's machine via a malicious version of the Nx Console VS Code extension and gained access to internal GitHub repositories by stealing credentials and secrets.","title":"GitHub Breach Linked to TanStack npm Supply Chain Attack via Malicious VS Code Extension","url":"https://feed.craftedsignal.io/briefs/2026-05-github-repo-breach/"}],"language":"en","title":"CraftedSignal Threat Feed — Mistral AI Npm Packages","version":"https://jsonfeed.org/version/1.1"}