team-pcp

GitHub confirmed that a malicious VS Code extension installed by an employee led to the breach of approximately 3,800 internal repositories. The attacker group TeamPCP claimed responsibility and is attempting to sell the stolen data.