Visual Studio Code Marketplace — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/products/visual-studio-code-marketplace/Trending threats, MITRE ATT&CK coverage, and detection metadata. Fed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioThu, 21 May 2026 06:54:47 +0000GitHub Breach Linked to TanStack npm Supply Chain Attack via Malicious VS Code Extensionhttps://feed.craftedsignal.io/briefs/2026-05-github-repo-breach/Thu, 21 May 2026 06:54:47 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-05-github-repo-breach/GitHub experienced a breach affecting 3,800 internal repositories due to a supply chain attack targeting TanStack npm packages; the attacker compromised an employee's machine via a malicious version of the Nx Console VS Code extension and gained access to internal GitHub repositories by stealing credentials and secrets.On May 21, 2026, GitHub revealed that a breach affecting 3,800 internal repositories occurred due to a supply chain attack. This attack, attributed to the TeamPCP threat group, originated with the compromise of TanStack npm packages and quickly spread to other projects including UiPath, Guardrails AI, and OpenSearch. The initial compromise involved a malicious version of the Nx Console Visual Studio Code (VS Code) extension. The attacker gained access by compromising a developer’s machine, stealing credentials, and exploiting the GitHub CLI (gh) to run workflows on the GitHub repository as a contributor. While GitHub has secured the compromised device and rotated critical secrets, the incident highlights the significant risks associated with supply chain attacks targeting developer tools and code repositories.

Attack Chain

  1. The attacker compromises the TanStack npm packages in a supply chain attack.
  2. A developer installs the malicious Nx Console (version 18.95.0) VS Code extension from the Visual Studio Marketplace or OpenVSX.
  3. The malicious extension executes a payload designed to steal credentials and secrets for platforms like npm, AWS, Kubernetes, GitHub, and GCP/Docker.
  4. The compromised developer’s GitHub credentials are leaked through the GitHub CLI (gh).
  5. The attacker uses the stolen GitHub credentials to authenticate and run workflows on the GitHub repository.
  6. The attacker gains unauthorized access to approximately 3,800 of GitHub’s internal repositories.
  7. The attacker exfiltrates source code and other sensitive data from the breached repositories.
  8. TeamPCP attempts to sell the stolen data for at least $50,000 on the Breached forum.

Impact

The successful exploitation resulted in the unauthorized access to approximately 3,800 of GitHub’s internal repositories. The attacker, TeamPCP, is attempting to sell the stolen data, including source code, for at least $50,000. This breach could lead to the exposure of sensitive internal code, security vulnerabilities, and proprietary information, potentially impacting GitHub’s competitive advantage and the security of its platform. The incident underscores the increasing risk of supply chain attacks targeting developer tools and the need for robust security measures to protect against compromised dependencies.

Recommendation

  • Monitor VS Code extension installations and deployments for suspicious activity, focusing on extensions related to Nx Console or TanStack, using a process creation rule (see “Detect Suspicious VS Code Extension Execution”).
  • Implement multi-factor authentication (MFA) for all developer accounts and regularly rotate credentials for critical services such as npm, AWS, Kubernetes, GitHub, and GCP/Docker.
  • Deploy the Sigma rule “Detect Credential Theft via Malicious VS Code Extension” to identify attempts to steal credentials using known malicious file names or file paths.
  • Monitor network connections originating from VS Code extensions to detect unauthorized data exfiltration or communication with suspicious domains or IP addresses.
  • Review and harden CI/CD pipelines to prevent the use of stolen credentials, focusing on securing access to sensitive resources and monitoring for unauthorized workflow executions.
]]>highthreatsupply-chainvscodenpmgithubcredential-theft