GitHub Internal Repositories Breached via Compromised Nx Console VS Code Extension: 2026 Supply Chain Cybersecurity Incident Analysis – Rescana
Publish Date: 2026-05-21 17:39:00
Source Domain: www.rescana.com
Executive Summary
On May 18, 2026, a compromised version of the Nx Console Visual Studio Code extension was published to the official marketplace, resulting in a significant supply chain attack that impacted the software development ecosystem. The malicious extension, live for approximately 11–18 minutes, was installed by thousands of users and enabled attackers to exfiltrate credentials and internal source code repositories from affected organizations, including approximately 3,800 internal repositories from GitHub. The attack leveraged a contributor's stolen GitHub token to push a malicious orphan commit and publish the compromised extension. The payload harvested a wide range of secrets, including cloud, CI/CD, and AI coding assistant credentials, and established persistent access on macOS systems. The threat group TeamPCP claimed responsibility for the breach. All major claims in this report are corroborated by at least three independent sources, with explicit URLs and dates provided.
Technical Information
The attack began with the theft of a contributor's GitHub token, which was used to push an orphan commit containing an obfuscated JavaScript payload to the official nrwl/nx repository. This payload was then fetched and executed by the malicious Nx Console extension (version 18.95.0) once installed from the Visual Studio Code Marketplace. The extension was available for 11–18 minutes; its marketplace listing had over 2.2 million installs overall, and an estimated 6,000+ installs occurred during the compromise window. The payload harvested credentials and secrets from a wide range of sources, including GitHub, npm, AWS, HashiCorp Vault, Kubernetes, 1Password, and configuration files for AI coding assistants such as Claude Code. Exfiltration was performed via HTTPS, the GitHub API, and DNS tunneling.
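As a defensive aid, and not code from this report or from the Nx project, the following added Python audit script walks a VS Code extensions directory and flags any installed copy of Nx Console at the compromised version 18.95.0 named above. It assumes the extension's marketplace identifier is nrwl.angular-console, and it builds a constructed sample directory so it runs offline.

```python
import json
import tempfile
from pathlib import Path

# Version the report names as the compromised Nx Console release.
COMPROMISED_VERSIONS = {"18.95.0"}
# Marketplace id of Nx Console is assumed to be nrwl.angular-console; confirm it.
EXTENSION_PUBLISHER = "nrwl"
EXTENSION_NAME = "angular-console"

def read_manifest(ext_dir):
    """Parse an installed extension's package.json; None if absent or unreadable."""
    manifest = ext_dir / "package.json"
    if not manifest.is_file():
        return None
    try:
        return json.loads(manifest.read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return None

def find_compromised(extensions_root):
    """Scan a VS Code extensions dir (e.g. ~/.vscode/extensions) for bad installs."""
    hits = []
    for ext_dir in sorted(p for p in Path(extensions_root).iterdir() if p.is_dir()):
        m = read_manifest(ext_dir)
        if not m:
            continue  # not an extension directory, or manifest damaged
        if (str(m.get("publisher", "")).lower() == EXTENSION_PUBLISHER
                and str(m.get("name", "")).lower() == EXTENSION_NAME
                and m.get("version") in COMPROMISED_VERSIONS):
            hits.append({"path": str(ext_dir), "version": m["version"]})
    return hits

def build_sample_root():
    """Constructed fixture: clean Nx Console, compromised Nx Console, unrelated ext."""
    root = Path(tempfile.mkdtemp(prefix="vscode-ext-"))
    for publisher, name, version in (("nrwl", "angular-console", "18.94.0"),
                                     ("nrwl", "angular-console", "18.95.0"),
                                     ("ms-python", "python", "2026.4.0")):
        d = root / f"{publisher}.{name}-{version}"
        d.mkdir()
        d.joinpath("package.json").write_text(json.dumps(
            {"name": name, "publisher": publisher, "version": version}))
    return root

if __name__ == "__main__":
    for hit in find_compromised(build_sample_root()):
        print(f"COMPROMISED: {hit['path']} ({hit['version']})")
```

To audit a real workstation, call find_compromised on the user's extensions directory (~/.vscode/extensions on macOS and Linux, %USERPROFILE%\.vscode\extensions on Windows) instead of the constructed fixture.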
Persistence was achieved on macOS systems by installing a Python backdoor and leveraging the GitHub Search API as a dead-drop for further commands. Filesystem indicators…