Advertisement
Shai-Hulud Campaign: TeamPCP Targets Open-Source Supply Chain
Analysis of the Shai-Hulud campaign by TeamPCP, detailing their open-source supply chain attacks, TTPs, and critical mitigation strategies.
TeamPCP Supply Chain Attack Targets Microsoft SDKs and GitHub
TeamPCP expands its supply chain campaign to trojanize official Microsoft Python SDKs and infiltrate GitHub, requiring immediate dependency audits.
TrapDoor Campaign: Detecting Cross-Ecosystem Supply Chain Attacks
The TrapDoor campaign targets npm, PyPI, and Crates.io with over 384 malicious versions designed to exfiltrate developer credentials and sensitive data.
TeamPCP Jenkins Plugin Compromise and Mini Shai-Hulud Worm Analysis
TeamPCP escalates its supply chain campaign with a confirmed Jenkins plugin compromise and a self-spreading worm targeting the npm and PyPI ecosystems.
Developer Workstations: The New Front in Software Supply Chain Attacks
A surge in attacks targeting npm, PyPI, and Docker Hub highlights a shift toward stealing developer credentials and API keys from workstations and CI/CD pipelines.
OpenAI Breach: TanStack Supply Chain Attack Impacts Employee Devices
OpenAI confirms two employee devices compromised in a TanStack supply chain attack affecting npm and PyPI packages, prompting certificate rotation.
Shai-Hulud Supply Chain Attack: Malicious npm and Mistral Packages
The Shai-Hulud campaign targets developers with over 300 signed npm and PyPI packages impersonating TanStack and Mistral to steal sensitive credentials.
Mini Shai-Hulud Worm Compromises TanStack and Mistral AI Packages
TeamPCP actor compromises major npm and PyPI packages including TanStack and Mistral AI via the Mini Shai-Hulud worm, deploying profiling malware.
Backdoored PyTorch Lightning Package Drops Credential Stealer
A malicious PyTorch Lightning package on PyPI delivers a credential stealer, targeting browser data, environment variables, and cloud service credentials. Urgent action
PyTorch Lightning 2.6.2/2.6.3 Compromise: Credential Theft Via Supply Chain
Threat actors injected malicious code into PyTorch Lightning versions 2.6.2 and 2.6.3 on PyPI, enabling credential theft via a supply chain attack. Urgent action
TeamPCP Supply Chain: Checkmarx KICS, Bitwarden CLI, xinference PyPI Attacks
TeamPCP resumes supply chain attacks with new compromises targeting Checkmarx KICS, Bitwarden CLI, and xinference PyPI. UNC6780 credential theft campaign continues.
litellm 1.82.8 Supply Chain Compromise via Malicious .pth File
Security analysis of a supply chain compromise in litellm 1.82.8 on PyPI, where a malicious .pth file enables automatic code execution on Python startup.