GitHub Breach 2026: How a Malicious VS Code Extension Triggered a Massive Supply Chain Attack

GitHub confirmed 3,800 internal repos were breached by TeamPCP via a poisoned VS Code extension in May 2026. Here's exactly how it happened.

GitHub confirmed 3,800 internal repos were breached by TeamPCP via a poisoned VS Code extension in May 2026. Here's exactly how it happened.

Perplexity Bumblebee is a free, read-only open-source scanner that finds risky packages, extensions & AI configs on developer machines, no code execution required.

OpenHack is Hadrian's MIT-licensed AI agent workflow that finds real vulnerabilities in source code, running inside Claude Code, Codex, or Cursor. Here's everything you need to know