GitHub investigates possible exposure of ~4,000 internal repositories

Colleagues — a cybersecurity alert: GitHub is investigating unauthorized access after TeamPCP claimed to be selling data from roughly 4,000 internal repositories.
Key points:
- GitHub currently finds no evidence of customer data leaking outside internal repos; infrastructure is under monitoring.
- Separately, the Mini Shai‑Hulud campaign compromised the durabletask PyPI package (v1.4.1–1.4.3), adding a loader and a Linux stealer.
- The stealer exfiltrates cloud credentials, password managers and keys; spreads via SSM and kubectl; may use GitHub commits as fallback C2.
Why it matters: affected versions or leaked secrets can yield full compromise — revoke tokens, scan environments and block the packages.
How will you respond?
#cybersecurity #supplychain #GitHub #PyPI
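
One way to carry out the "scan environments" step for the durabletask versions named above, as an added example that is not part of the original post or any vendor tooling. It assumes v1.4.1 through 1.4.3 is an inclusive range, flags only exact pins, and runs on a constructed sample requirements file.

```python
import re
from importlib import metadata

# Package name and affected range come from the alert; range assumed inclusive.
PACKAGE = "durabletask"
AFFECTED_MIN, AFFECTED_MAX = (1, 4, 1), (1, 4, 3)
# Exact pins only: "name==1.2.3" or "Name[extra] == 1.2.3 ; marker".
PIN_RE = re.compile(r"^\s*([A-Za-z0-9][\w.-]*)\s*(?:\[[^\]]*\])?\s*===?\s*([^\s;#\\]+)")

def is_affected(version):
    """True if the numeric release part of `version` lies in the affected range."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", version)
    if not m:
        return False
    v = tuple(int(p) for p in m.group(1).split("."))
    v += (0,) * (3 - len(v))  # pad "1.4" to (1, 4, 0); pre/post tags are ignored
    return AFFECTED_MIN <= v <= AFFECTED_MAX

def scan_requirements(text):
    """Return [(line_no, line)] for exact pins of PACKAGE at an affected version."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        m = PIN_RE.match(line)
        # PEP 503: names compare case-insensitively, runs of - _ . are equal
        name = re.sub(r"[-_.]+", "-", m.group(1)).lower() if m else None
        if name == PACKAGE and is_affected(m.group(2)):
            hits.append((n, line.strip()))
    return hits

def installed_affected():
    """Return the installed version if this interpreter has an affected build."""
    try:
        v = metadata.version(PACKAGE)
    except metadata.PackageNotFoundError:
        return None
    return v if is_affected(v) else None

# Constructed sample requirements file (not real project data).
SAMPLE = """\
requests==2.32.3
durabletask==1.4.2 --hash=sha256:PLACEHOLDER
DurableTask[extra] == 1.4.1 ; python_version >= '3.9'
durabletask==1.4.0
# durabletask==1.4.3
"""

if __name__ == "__main__":
    print("installed:", installed_affected() or "not affected / not installed")
    for n, line in scan_requirements(SAMPLE):
        print(f"line {n}: {line}")
```

Range specifiers such as `>=1.4` are not flagged here; check those against the lock file or the installed environment.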

