Skip to content
Close Menu

    Subscribe to Updates

    Get the latest news from tastytech.

    What's Hot

    France vs Morocco: World Cup quarterfinal – prediction, start time, lineups | World Cup 2026 News

    July 9, 2026

    Can You Video Chat Alongside 69,000 World Cup Fans? I Stress-Tested Stadium Phone Service at a Match

    July 9, 2026

    Sony Settles With Fired Bungie Dev, Adds Him To Marathon Credits

    July 9, 2026
    Facebook X (Twitter) Instagram
    Facebook X (Twitter) Instagram
    tastytech.intastytech.in
    Subscribe
    • AI News & Trends
    • Tech News
    • AI Tools
    • Business & Startups
    • Guides & Tutorials
    • Tech Reviews
    • Automobiles
    • Gaming
    • movies
    tastytech.intastytech.in
    Home»Tech Reviews»A hacker group is poisoning open source code at an unprecedented scale
    A hacker group is poisoning open source code at an unprecedented scale
    Tech Reviews

    A hacker group is poisoning open source code at an unprecedented scale

    gvfx00@gmail.comBy gvfx00@gmail.comMay 24, 2026No Comments2 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email



    A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the cybersecurity world with its insidious threat of turning any innocent application into a dangerous foothold in a victim’s network. Now one group of cybercriminals has turned that occasional nightmare into a near-weekly episode, corrupting hundreds of open source tools, extorting victims for profit, and sowing a new level of distrust in an entire ecosystem used to create the world’s software.

    On Tuesday night, open source code platform GitHub announced that it had been breached by hackers in one such software supply chain attack: A GitHub developer had installed a “poisoned” extension for VSCode, a plug-in for a commonly used code editor that, like GitHub itself, is owned by Microsoft. As a result, the hackers behind the breach, an increasingly notorious group called TeamPCP, claim to have accessed around 4,000 of GitHub’s code repositories. GitHub’s statement confirmed that it had found at least 3,800 compromised repositories while noting that, based on its findings so far, they all contained GitHub’s own code, not that of customers.

    “We are here today to advertise GitHub’s source code and internal orgs for sale,” TeamPCP wrote on BreachForums, a forum and marketplace for cybercriminals. “Everything for the main platform is there and I very am happy to send samples to interested buyers to verify absolute authenticity.”

    The GitHub breach is just the latest incident in what has become the longest-running spree of software supply chain attacks ever, with no end in sight. According to cybersecurity firm Socket, which focuses on software supply chains, TeamPCP has, in just the last few months, carried out 20 “waves” of supply chain attacks that have hidden malware in more than 500 distinct pieces of software, or well over a thousand counting all of the various versions of the code that TeamPCP has hijacked.

    Table of Contents

    Toggle
      • Related posts:
    • Anker Debuts Soundcore Liberty 5 Pro Earbuds With Its Thus AI Chip
    • Check Your CGM: Recalled FreeStyle Libre 3 Sensors Associated With 7 Deaths
    • The rise of Moltbook suggests viral AI prompts may be the next big security threat

    Related posts:

    Today's NYT Mini Crossword Answers for April 20

    Contrary to popular superstition, AES 128 is just fine in a post-quantum world

    How to watch Royal Institution Christmas Lectures 2025 for FREE

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleTwitch Streamer Hasan Piker Subpoenaed Over Aid Trip To Cuba
    Next Article Build a Browser Agent with Playwright MCP and Claude Desktop
    gvfx00@gmail.com
    • Website

    Related Posts

    Tech Reviews

    Can You Video Chat Alongside 69,000 World Cup Fans? I Stress-Tested Stadium Phone Service at a Match

    July 9, 2026
    Tech Reviews

    I can’t get Netflix to run smoothly in my house — but NASA just sent a 4K video stream from the Moon, thanks to AWS

    July 9, 2026
    Tech Reviews

    US rare earths flow to Asia as domestic demand is slow to emerge

    July 8, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Top Posts

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025131 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram

    Subscribe to Updates

    Get the latest tech news from tastytech.

    About Us
    About Us

    TastyTech.in brings you the latest AI, tech news, cybersecurity tips, and gadget insights all in one place. Stay informed, stay secure, and stay ahead with us!

    Most Popular

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025131 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views

    Subscribe to Updates

    Get the latest news from tastytech.

    Facebook X (Twitter) Instagram Pinterest
    • Homepage
    • About Us
    • Contact Us
    • Privacy Policy
    © 2026 TastyTech. Designed by TastyTech.

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.