Your Code Editor Just Became a Backdoor. Here's What Happened.

GitHub got breached through VS Code.

Let that sink in. GitHub. The platform that hosts the source code for basically everything on the internet. Breached. And the attack vector wasn't some exotic zero-day. It was a VS Code extension.

On May 18th, a threat group called TeamPCP (tracked by Google as UNC6780) compromised a developer on the Nx Console team, used their credentials to publish a trojaned version of the extension to the Visual Studio Marketplace, and within 18 minutes, harvested credentials from over 6,000 installs. One of those installs was a GitHub employee. That employee's credentials gave the attackers access to roughly 3,800 internal GitHub repositories.

The CVE is CVE-2026-48027. CVSS score: 9.3 out of 10.

Eighteen minutes. That's all it took.

What the extension actually did.

The malicious version of Nx Console (version 18.95.0) looked identical to the legitimate one. Same name, same icon, same publisher name. If you had it installed and it auto-updated, you got the payload without any indication that anything changed.

Once running, the extension harvested credentials from:

• GitHub tokens
• npm authentication tokens
• AWS credentials
• HashiCorp Vault secrets
• Kubernetes configs
• 1Password vault data
• Claude Code configurations
• SSH keys
• Environment variables

It grabbed everything it could find on the developer's machine and exfiltrated it. The attacker then used those stolen credentials to access whatever those credentials could reach. In the case of the GitHub employee, that meant internal source code repositories.

This is the same group that hit TanStack.

TeamPCP is the group behind Mini Shai-Hulud, the supply chain worm that compromised TanStack (12 million weekly downloads), Mistral AI, UiPath, Guardrails AI, and over 160 packages across npm and PyPI. I wrote about that in my article on supply chain attacks.

This is a pattern, not an isolated incident. The same group has been running through the developer toolchain all year:

• March 2026: Trivy (security scanner, yes really, a security tool)
• May 11: TanStack, LiteLLM, elementary-data
• May 12: Mistral AI, Guardrails AI, Bitwarden CLI
• May 18: Nx Console VS Code extension, leading to the GitHub breach

They're not targeting one package. They're targeting the entire development ecosystem. Every tool developers trust.

VS Code extensions are the Wild West.

Here's the part that should concern every business that has developers:

The Visual Studio Marketplace has almost no meaningful security review for extensions. Anyone can publish an extension. There's no code signing requirement. There's no mandatory review process. Microsoft runs some automated scans, but they consistently miss malicious payloads, especially when the malicious code is fetched at runtime instead of bundled in the package.

This year alone, beyond the Nx Console incident:

• The TigerJack campaign distributed at least 11 malicious extensions since January
• Extensions masquerading as AI coding assistants with 1.5 million installs were caught exfiltrating data to servers in China
• Fake Solidity and C++ language extensions were stealing cryptocurrency wallet credentials, with one confirmed theft of $500,000
• Extensions have been caught taking screenshots, stealing WiFi passwords, reading clipboards, and hijacking browser sessions

VS Code is the most popular code editor in the world. Over 70% of developers use it. And its extension marketplace has roughly the same security posture as an app store from 2010.

What your team needs to do.

1. Audit every VS Code extension installed on company machines.

Right now. Open VS Code, go to the Extensions view, and look at what's installed. If anyone on your team has extensions they don't recognize or don't actively use, remove them. Every extension has access to your entire workspace, your terminal, your filesystem, and your credentials.

2. Disable extension auto-updates.

In VS Code settings, set extensions.autoUpdate to false. This prevents a trusted extension from silently updating to a compromised version. When updates are available, review what changed before accepting them.

3. Lock down which extensions are allowed.

VS Code supports organization-managed extension policies. If you manage a development team, maintain an approved list. Extensions that aren't on the list don't get installed. Yes, this adds friction. That friction prevents breaches.

4. Use extension signatures when available.

VS Code now supports extension signing verification. Enable it. It won't catch every attack (the Nx Console payload was published by a compromised legitimate account), but it raises the bar.

5. Treat your development environment as a high-value target.

Developers have the keys to everything. Source code, deployment pipelines, cloud credentials, database access. A compromised developer workstation is often more valuable to an attacker than a compromised server because it's a starting point for lateral movement into every system the developer touches.

That means developer machines need the same security controls as any other high-value asset: endpoint detection, privilege management, credential rotation, and yes, training on social engineering and supply chain attacks.

This isn't just a developer problem.

If you're a business owner reading this and thinking "we don't have developers," think again. Does your IT provider use VS Code? Does the freelancer who built your website? Does the agency that manages your app?

Supply chain attacks don't stop at the developer. They flow downstream to every business that uses the software those developers build. The compromised packages from Mini Shai-Hulud ended up in production applications serving millions of users. A malicious VS Code extension on one developer's laptop can lead to compromised code in your product, your client portal, your payment system.

The supply chain is everyone's problem. And the only defense is awareness, discipline, and a healthy distrust of anything that auto-updates without your explicit approval.

(773) 417-9994 or southsidechisolutions.com