Published On 5/26/2026
|
Last update: 10:56 (Mecca time)
The famous GitHub platform for hosting code was subjected to a group of successive cyber attacks in a short period of time, causing a number of code libraries to be infected with malicious software that exposes user accounts and devices to various cyber risks.
More than 3,800 different software libraries were infected within the “GitHub” platform during the first attack, according to a report by the American technical website “CyberScope” and the platform’s statements through its official account on the “X” platform.
GitHub accused a hacker group called TeamPCP of being behind the attack and targeting open source software repositories in particular.
The Cyber Scope report stated that the hacker group displayed a group of materials directly related to the attack on cybercrime forums.
Then the platform was subjected to another attack organized by a group simulating the TeamPCB team, according to a report by the American technical website TechRadar.
The report confirmed that this attack affected more than 5,000 open source software repositories on GitHub, days after the first attack on the platform.
Unlike TeamPCP, the Megalodon group, as researchers at the American security company Safedeep called it, targeted users and developers alike.
This attack relied on a mechanism similar to malicious software worms that move from one device to another automatically with the aim of stealing the credentials of the various servers and accounts present on the user’s device affected by the attack.
Why was GitHub subjected to these attacks?
A separate report from the American technology website Wired indicates that TeamPCB is a hacker group that launches attacks on software supply chains, previously affecting hundreds of institutions and companies around the world.
Therefore, the attack on GitHub is part of the organized attacks launched by the group on software institutions and companies with the aim of blackmailing them in an attempt to benefit financially.
The Wired report states that the group has launched more than 20 attacks over the past months, indicating the possibility that the group’s successful attacks will continue.
How did GitHub fall?
A GitHub statement revealed that the attack was carried out through a software tool belonging to the Visual Studio Code platform that was infected with malware that caused the data of a GitHub administrator to be stolen.
This increases the risk of the attack, because the infected tool is “NX Console”, which is one of the most famous tools affiliated with the “Visual Studio Code” software and used by millions around the world.
This is the latest attack on software directed at developers and programmers, such as Docker, PyPi, and other various platforms.
The Cyber Scope report advises users to update their software environments and install the latest versions of Visual Studio Code and its associated tools to ensure their safety and protect them from falling victim to such attacks.
It should be noted that both Visual Studio Code and GitHub are owned by Microsoft, and it works with the management of the two platforms to update and remove defective software.
