Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats > GitHub Confirms Breach, 4K Internal Repos Stolen

GitHub Confirms Breach, 4K Internal Repos Stolen

GitHub confirmed a data breach this week involving the theft of thousands of developer code repositories. One threat actor — TeamPCP — took credit.
21 May 2026
Written by Gabi Gerber
Attacks & Threats

Featured

Hacking Topics, Security Operation Center

GitHub confirmed today it was breached via an attacker that stole thousands of internal repositories.

TeamPCP, a financially motivated threat actor that has relentlessly targeted the open source ecosystem, yesterday published a post to a prominent Dark Web data breach forum that it would sell internal source code and organization data stolen from GitHub. This totaled "~4,000 repos of private code," according to the advertisement, and was for sale to an interested buyer. More here

Similar Stories

Attacks & Threats

Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address

“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's being actively abused in the wild. More...
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat

AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strik… More...
Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Wi… More...
AI-Assisted Exploit Development Outpaces Scanner Detection

Attackers are using AI to dramatically reduce the time they need to develop a working exploit for a CVE, according to ne… More...
Securing AI Agents Before They Go Rogue Is Next to Impossible

High-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act… More...

Have your say

 

News Categories

Attacks & Threats

Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address

“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's being actively abused in the wild. More...
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat

AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strik… More...
Attackers Use AI to Automate EDR Evasion Testing

Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Wi… More...
AI-Assisted Exploit Development Outpaces Scanner Detection

Attackers are using AI to dramatically reduce the time they need to develop a working exploit for a CVE, according to ne… More...
Securing AI Agents Before They Go Rogue Is Next to Impossible

High-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act… More...

Show more
image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Quick Links

Terms
Contact Us
Privacy Policy
Newsletter

Follow Us

This website is powered by
ToucanTech