The Worm That Ate the Supply Chain: How One Threat Actor Compromised GitHub, npm, and the Tools You Trust
TeamPCP (UNC6780) spent 2026 systematically compromising the developer toolchain — from the Mini Shai-Hulud npm worm to poisoning VS Code extensions that breached GitHub’s own internal repositories. Here’s the full story and what you need to do about it.