GitHub, Inc.

GitHub Confirms Hack Affecting Thousands of Internal Code Repositories

May 20, 2026 - GitHub has confirmed that hackers breached its systems and stole data from approximately 3,800 internal code repositories. The Microsoft-owned developer platform said the breach originated from a compromised employee device involving a malicious Visual Studio Code extension. While GitHub stated it has found “no evidence of impact to customer information stored outside of GitHub’s internal repositories,” the company noted that its investigation into the incident is still ongoing.

The attack highlights a growing trend of cybercriminals targeting popular open-source tools and coding extensions to compromise developers and software supply chains at scale. GitHub did not disclose the name of the compromised VS Code extension. Reports from The Record and Bleeping Computer indicate that a hacking group known as TeamPCP has claimed responsibility for the breach and is allegedly attempting to sell the stolen data on cybercrime forums.

TeamPCP has previously been linked to other high-profile cyberattacks, including a breach involving the European Commission, where attackers reportedly stole over 90 gigabytes of data after compromising Trivy, a vulnerability scanning tool. The GitHub breach also follows a recent attack targeting OpenAI through TanStack, another developer platform, where malicious updates were used to steal passwords and authentication tokens from users.

Source: https://techcrunch.com/2026/05/20/github-says-hackers-stole-data-from-thousands-of-internal-repositories/

GitHub Expands Secret Scanning With General Availability of MCP Server Integration

May 12, 2026 - GitHub has announced the general availability of secret scanning support through its MCP Server, extending automated credential detection and remediation capabilities into AI-assisted and agent-driven software development workflows. The update is designed to help organizations detect exposed secrets such as API keys, tokens, and credentials earlier in the development lifecycle while enabling AI tools and external systems to interact with GitHub security findings in a more automated and structured way.

The integration allows external tools, AI agents, and automation platforms to programmatically access secret scanning alerts, automate remediation, and enforce security policies directly within CI/CD pipelines and development environments. GitHub said the move addresses growing concerns around credential exposure as AI coding assistants generate and modify code at scale. By making secret scanning machine-readable and automation-friendly, the company aims to embed security directly into AI-native DevSecOps workflows rather than relying solely on manual developer reviews.

The release reflects a broader industry trend toward autonomous security operations within software delivery pipelines. Other platforms including GitLab, Snyk, and TruffleHog have also expanded secret detection and scanning capabilities, while cloud providers such as AWS and Google Cloud continue integrating secrets management into development tooling. GitHub said the MCP Server integration lays the groundwork for AI agents that can not only generate and deploy code, but also identify and respond to security risks as part of routine operations.

Source: https://www.infoq.com/news/2026/05/github-mcp-secret-scanning/

GitHub Copilot in Visual Studio Code, April Releases

May 6, 2026 - GitHub announced several new Copilot features in Visual Studio Code as part of releases v1.116 through v1.119. The updates introduce semantic search across all workspaces, allowing Copilot to search codebases by meaning and perform grep-style searches across GitHub repositories and organizations. An experimental /chronicle feature now lets users search their chat history to recall past work, referenced files, and pull requests. GitHub also improved prompt caching, deferred tool loading, and agentic tools to reduce token usage while maintaining performance.

The update expands Copilot’s agent capabilities with inline code diffs in chat, browser tab sharing, and read/write access to open terminals. Business and Enterprise users can now connect their own AI model providers directly in VS Code, including OpenAI, Anthropic, Google, and OpenRouter, while administrators gain new controls over agent access policies. GitHub also added support for monitoring Copilot CLI sessions remotely from GitHub.com or its mobile app, alongside persistent debug logs and notifications for long-running background terminal commands.

Source: https://github.blog/changelog/2026-05-06-github-copilot-in-visual-studio-code-april-releases/

Fast Mode for Claude Opus 4.6 Launches in GitHub Copilot Preview

February 7, 2026 - GitHub Copilot has introduced a research preview of Fast mode for Claude Opus 4.6, delivering significantly accelerated performance. This experimental release enhances output token speeds by up to 2.5 times compared to standard mode, while preserving the full capabilities of the Opus 4.6 model.

Access and Availability

Fast mode is currently being made available to users on Copilot Pro+ and Enterprise plans. The feature can be selected via the model picker in:

• Visual Studio Code (across chat, ask, edit, and agent modes)
• Copilot CLI

The rollout is phased, so users who don't see the option yet are encouraged to check back later.

How to Enable

For organizations using the Copilot Enterprise plan, administrators must activate the Fast mode for Claude Opus 4.6 policy within the Copilot settings panel.

Learn More

For a full overview of available models in GitHub Copilot, users can refer to the official documentation.

Feedback Welcome

Join the GitHub Community to provide feedback and share experiences with the new Fast mode feature.

Source: https://github.blog/changelog/2026-02-07-claude-opus-4-6-fast-is-now-in-public-preview-for-github-copilot/

GitHub CEO Thomas Dohmke to Step Down, Plans Return to Founding Role

August 11, 2025 - GitHub CEO Thomas Dohmke announced Monday that he will step down from his position at the Microsoft-owned developer platform by the end of the year. In a blog post, Dohmke revealed plans to “become a founder again” after his departure.

According to Axios, Microsoft does not plan to directly replace the CEO role. Instead, GitHub’s leadership team will report to multiple Microsoft executives moving forward.

“With more than 1B repos and forks, and over 150 million developers, GitHub has never been stronger than it is today,” Dohmke wrote. “We have seen more open-source projects with more contributions every year. AI projects have doubled in the last year alone. And our presence in companies of any size is unmatched in the market.”

Dohmke’s decision comes as GitHub faces intensifying competition from rivals such as Google and Cursor, particularly in the race to develop advanced AI tools for programmers.

Source: https://techcrunch.com/2025/08/11/github-ceo-to-step-down/

GitHub Copilot Surpasses 20 Million All-Time Users

July 30, 2025 - GitHub Copilot, the AI-powered coding assistant from Microsoft-owned GitHub, has now exceeded 20 million all-time users, according to Microsoft CEO Satya Nadella on Wednesday's earnings call. A GitHub spokesperson confirmed to TechCrunch that this figure represents cumulative users since launch.

This milestone comes just three months after GitHub Copilot hit 15 million users, signaling an additional five million new users in that period. However, Microsoft and GitHub have not disclosed how many of those users are active on a daily or monthly basis.

Microsoft reported that GitHub Copilot is currently in use by 90% of the Fortune 100. Additionally, enterprise adoption of the tool has surged by approximately 75% quarter-over-quarter.

AI coding assistants are emerging as one of the few AI segments generating significant revenue. In 2024, Nadella stated that GitHub Copilot had become a larger business than GitHub itself was at the time of Microsoft’s 2018 acquisition. Its growth trajectory has continued upward since then.

Despite their growth, AI coding tools maintain relatively small user bases compared to mainstream AI chatbots like ChatGPT and Gemini, which serve hundreds of millions of users monthly. Nonetheless, software engineers and organizations appear willing to invest in these specialized tools. With Microsoft’s enterprise reach and GitHub’s developer community, GitHub Copilot is well-positioned to lead in the enterprise AI coding space.

Rival AI coding platform Cursor is also vying for dominance, particularly in the enterprise segment. Cursor reportedly had over one million daily users in March and was generating around $200 million in annualized recurring revenue at the time, per Bloomberg. That figure has since grown to more than $500 million, indicating a rapid user expansion.

Though originally targeting different aspects of the developer workflow, GitHub Copilot and Cursor have increasingly evolved into similar offerings. Both now feature AI agents capable of reviewing code and detecting bugs, as well as tools designed to automate programming tasks entirely. Nadella noted that GitHub is seeing strong momentum with these AI coding agents.

Beyond Cursor, GitHub faces competition from major players including Google, which acquired the core team behind AI coding startup Windsurf. Cognition, the company behind Devin, has also taken on the remaining Windsurf team. Additionally, OpenAI and Anthropic are advancing their own enterprise-focused AI coding tools, leveraging their proprietary Codex and Claude Code models, respectively.

With numerous well-funded contenders, the AI coding space is rapidly emerging as one of the most competitive sectors in artificial intelligence.

Source: https://techcrunch.com/2025/07/30/github-copilot-crosses-20-million-all-time-users/