Long-lived credentials in trusted tools: what IAM teams are missing

TL;DR: GitHub is investigating unauthorized access after a poisoned VS Code extension reportedly enabled internal repository exposure, with the attacker claim directionally consistent with GitHub’s findings and the campaign already tied to more than 500,000 infected machines and 300 GB of harvested credentials, according to Hush Security and Palo Alto Networks Unit 42. The central lesson is structural: standing credentials inside trusted environments remain the easiest thing to steal and the hardest thing to govern.

NHIMG editorial — based on content published by Hush Security covering the TeamPCP supply chain attack and GitHub investigation

By the numbers:

• The attacker claims approximately 3,800 repositories were accessed.

Questions worth separating out

Q: How should security teams reduce secret exposure in CI and developer workflows?

A: They should eliminate long-lived credentials wherever possible, replace them with short-lived or task-scoped access, and make sure secrets are never left on disk or in reusable environment variables.

Q: Why do trusted tools and extensions create such high credential risk?

A: Because trust in the tool does not limit what the tool can read once it is running in a privileged environment.

Q: What breaks when credential rotation is incomplete?

A: The old secret may still exist in overlooked systems, dependent tokens may keep working, and the attacker may already have copied what they need before rotation finished.

Practitioner guidance

• Inventory every standing developer and pipeline credential Map GitHub PATs, npm tokens, PyPI tokens, cloud keys, and internal publishing credentials to a named owner, a purpose, and a known expiry.
• Replace reusable secrets with short-lived access Move build and deployment flows toward OIDC or other task-scoped issuance so a compromised runner has less durable material to steal.
• Pin and validate trusted supply chain components Use commit SHA pinning for third-party actions, verify package provenance where possible, and review any workflow that consumes external extensions or release tags.

What's in the full analysis

Hush Security's full article covers the operational detail this post intentionally leaves for the source:

• Step-by-step description of the TeamPCP attack path across poisoned extensions, CI runners, and downstream package propagation.
• Detailed breakdown of the exact credential types harvested from files, memory, and local tooling, including publishing tokens.
• Hush-specific architecture for replacing standing secrets with policy-driven, just-in-time access tied to verified identity.
• Implementation examples for runtime observability across developer, container, and serverless environments.

👉 Read Hush Security's analysis of the TeamPCP supply chain attack on GitHub →

Long-lived credentials in trusted tools: what IAM teams are missing?

Explore further

View Full Forum →  |  NHI Foundation Course →