Full Report
TeamPCP has leveraged a compromised GitHub account to inject malicious code into at least 42 repositories and 236 branches across the Azure, Azure-Samples and Microsoft GitHub organizations. They were published between 02:36 and 03:22 UTC on 5 June 2026. As of 14:00 UTC on 5 J...
Analysis Summary
# Incident Report: TeamPCP Microsoft-Linked GitHub Supply Chain Compromise
## Executive Summary
Between 02:36 and 03:22 UTC on June 5, 2026, the threat actor TeamPCP utilized a compromised GitHub account to inject malicious code into several high-profile Microsoft-related organizations. The attack impacted 42 repositories and 236 branches across the Azure, Azure-Samples, and Microsoft GitHub organizations. While malicious code was successfully published to the repositories, internal distribution channels remained unaffected at the time of discovery.
## Incident Details
- **Discovery Date:** June 5, 2026 (~14:00 UTC)
- **Incident Date:** June 5, 2026 (02:36 – 03:22 UTC)
- **Affected Organization:** Microsoft (Azure, Azure-Samples, and Microsoft GitHub Orgs)
- **Sector:** Technology / Cloud Service Provider
- **Geography:** Global
## Timeline of Events
### Initial Access
- **Date/Time:** June 5, 2026, 02:36 UTC
- **Vector:** Compromised Credentials
- **Details:** Attackers gained unauthorized access to a GitHub account with write permissions to official Microsoft organizations.
### Lateral Movement
- The attackers utilized the established repository permissions to move across at least three distinct GitHub organizations: `Azure`, `Azure-Samples`, and `Microsoft`.
### Data Exfiltration/Impact
- **Malicious Injection:** Malicious code was injected and published to 42 repositories and 236 branches.
- **Time Window:** The active injection phase lasted 46 minutes.
### Detection & Response
- **Discovery:** Identified by security monitoring by 14:00 UTC on June 5, 2026.
- **Response actions taken:** Verification that malicious code was contained within the GitHub environment and had not propagated to secondary distribution channels or upstream production environments.
## Attack Methodology
- **Initial Access:** Supply Chain Compromise via compromised GitHub user account.
- **Persistence:** Not explicitly stated, though code remained in repository branches until cleanup.
- **Privilege Escalation:** Use of an account with administrative or write access to multiple organization repositories.
- **Defense Evasion:** Not specified, though the speed of the attack (46 minutes) suggests an automated script to minimize detection window.
- **Credential Access:** Likely obtained via credential harvesting, phishing, or reuse (outside the scope of the immediate repo activity).
- **Discovery:** Mapping of accessible repositories within the Microsoft GitHub ecosystem.
- **Lateral Movement:** Campaign-style injection across multiple organizational entities.
- **Collection:** N/A.
- **Exfiltration:** N/A.
- **Impact:** Publishing trojanized packages/code to public-facing source code repositories.
## Impact Assessment
- **Financial:** Not disclosed; primarily labor costs for remediation and audit.
- **Data Breach:** None reported; the focus was on code integrity rather than data theft.
- **Operational:** Disruption to developer workflows and temporary loss of trust in affected repository branches.
- **Reputational:** High; compromise of official Microsoft-branded repositories presents a significant supply chain risk to downstream users.
## Indicators of Compromise
- **Network indicators:** N/A.
- **File indicators:** Repository branch updates/commits between 02:36 and 03:22 UTC on June 5, 2026.
- **Behavioral indicators:** Unusual commit volume/frequency from a single account across multiple organizations in a short timeframe.
## Response Actions
- **Containment measures:** Isolation of the compromised GitHub account and revocation of permissions.
- **Eradication steps:** Removal of malicious code from the 236 impacted branches.
- **Recovery actions:** Auditing of distribution channels to ensure no "build" processes triggered the deployment of trojanized artifacts.
## Lessons Learned
- **Permission Scoping:** High-privilege accounts should not have broad write access across multiple distinct organizations (Azure vs. Azure-Samples) without strict necessity.
- **Monitoring:** Rapid detection of bulk commits spanning multiple organizations is critical for stopping automated supply chain attacks.
- **MFA:** The compromise of a single account highlights the necessity of enforced phishing-resistant Multi-Factor Authentication (MFA) for all contributors to public repositories.
## Recommendations
- **Least Privilege:** Enforce granular permissions for GitHub users; use "Fine-grained personal access tokens" where possible.
- **Branch Protection:** Implement branch protection rules requiring signed commits and mandatory code reviews from independent parties for all branches, including samples.
- **Anomaly Detection:** Deploy automated monitoring to alert on high-velocity code changes or commits originating from suspicious locations/times.