TeamPCP (UNC6780) Mini Shai-Hulud Worm Pivots Through Poisoned Nx Console VS Code Extension to Exfiltrate 3,800 GitHub Internal Repos

The financially motivated supply-chain threat group TeamPCP (tracked by Google TAG as UNC6780) breached GitHub's internal codebase after a GitHub employee installed a backdoored version of the Nx Console VS Code extension — itself a downstream casualty of the May 11 TanStack npm compromise. The malicious extension was live for only 18 minutes on the Visual Studio Marketplace but harvested credentials for 1Password, AWS, npm, Kubernetes, and GitHub tokens, enabling CI/CD pipeline traversal and exfiltration of roughly 3,800 private repositories. The same campaign also compromised two OpenAI employee devices (triggering macOS code-signing cert rotation), Mistral AI SDKs, and Grafana Labs' codebase — all via the self-replicating Mini Shai-Hulud worm, which has now executed at least seven confirmed supply-chain waves with zero CVEs, operating entirely through OIDC token abuse and stolen maintainer credentials.

This intelligence brief has been compiled from open-source reporting and corroborated across multiple threat intelligence sources. Defenders should treat the critical severity rating as a guide to prioritization within their environment.

For the latest indicators of compromise, formatted SIEM queries, and unredacted actor intelligence related to this brief, DMZ Operator subscribers receive automated IOC packages via email the moment new advisories are published.