Advertisement
TeamPCP Supply Chain Campaign: Weaponized Scanners and PyPI Compromise
Analysis of the TeamPCP campaign transition to monetization following the Telnyx PyPI compromise and Vect ransomware partnership affecting security tools.
TeamPCP Supply Chain Attack: Telnyx PyPI Compromise and Vect Ransomware
TeamPCP campaign escalates with Telnyx PyPI compromise and Vect Ransomware mass affiliate program. Critical update for software developers and SOC teams.
TeamPCP Supply Chain: Checkmarx Wider Scope & LiteLLM PyPI Compromise
An update on the TeamPCP supply chain campaign details wider Checkmarx impact, LiteLLM PyPI compromise, and a CISA KEV entry.
TeamPCP Supply Chain Attacks Target Docker Hub, PyPI, and VS Code
TeamPCP expands supply chain attack tactics from GitHub Actions to Docker Hub, PyPI, and VS Code extensions, collaborating with the Lapsus$ hacking group.
Checkmarx KICS & VS Code Plugin Targeted in Supply Chain Attack
TeamPCP exploited Checkmarx KICS, VS Code plugins, and LiteLLM in a supply chain attack targeting code scanners and AI libraries, indicating expanding threats.
LiteLLM PyPI Supply Chain Attack: TeamPCP Steals Credentials
TeamPCP compromised the LiteLLM PyPI package, backdooring it to steal credentials and auth tokens from hundreds of thousands of devices.
TeamPCP Targets Kubernetes Clusters with Iran-Specific Wiper Malware
TeamPCP is targeting misconfigured Kubernetes clusters to deploy a data-wiping script that specifically triggers on Iranian system configurations and locales.