home.social
Sign in Create account

#teampcp — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #teampcp, aggregated by home.social.

  1. Hackread.com @[email protected] ·

    📢⚠️ A #TeamPCP-linked account claims to be selling alleged internal Mistral AI repositories days after the Mini Shai-Hulud supply chain attacks targeted npm and PyPI packages linked to the AI company.

    Read: hackread.com/teampcp-mistral-a

    #CyberSecurity #MistralAI #MiniShaiHulud #DataBreach

    #teampcp #cybersecurity #mistralai #minishaihulud #databreach
  2. Hackread.com @[email protected] ·

    📢⚠️ A #TeamPCP-linked account claims to be selling alleged internal Mistral AI repositories days after the Mini Shai-Hulud supply chain attacks targeted npm and PyPI packages linked to the AI company.

    Read: hackread.com/teampcp-mistral-a

    #CyberSecurity #MistralAI #MiniShaiHulud #DataBreach

    #teampcp #cybersecurity #mistralai #minishaihulud #databreach
  3. Hackread.com @Hackread ·

    Research reveals that hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #teampcp #cybersecurity #malware #shaihulud #cyberattack #npm
  4. Hackread.com @[email protected] ·

    Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

    #teampcp #cybersecurity #malware #shaihulud #cyberattack #npm
  5. Hackread.com @[email protected] ·

    Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

    #teampcp #cybersecurity #malware #shaihulud #cyberattack #npm
  6. Hackread.com @[email protected] ·

    Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

    #npm #cyberattack #shaihulud #malware #cybersecurity #teampcp
  7. Hackread.com @[email protected] ·

    Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

    Read: hackread.com/teampcp-mini-shai

    #CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

    #teampcp #cybersecurity #malware #shaihulud #cyberattack #npm
  8. CryptoLek 🍉🌻 @[email protected] ·

    More supply chain attacks incoming! Exciting! We are so fudged! Maybe, we''ll see.

    From the Telegram channel of Breached/BreachForums:

    Breached has teamed up with TeamPCP to host the first ever supply chain competition! Whoever is able to conduct the biggest supply chain operation using the now open source Shai Hulud worm will be congratulated and will receive a prize of $1000 USD in XMR from @diencracked. Make sure to read the rules posted in the announcement first.

    #Supplychain #TeamPCP #ShaiHulud #ShaiHuludWorm

    #supplychain #teampcp #shaihulud #shaihuludworm
  9. CryptoLek 🍉🌻 @[email protected] ·

    More supply chain attacks incoming! Exciting! We are so fudged! Maybe, we''ll see.

    From the Telegram channel of Breached/BreachForums:

    Breached has teamed up with TeamPCP to host the first ever supply chain competition! Whoever is able to conduct the biggest supply chain operation using the now open source Shai Hulud worm will be congratulated and will receive a prize of $1000 USD in XMR from @diencracked. Make sure to read the rules posted in the announcement first.

    #Supplychain #TeamPCP #ShaiHulud #ShaiHuludWorm

    #supplychain #teampcp #shaihulud #shaihuludworm
  10. Analyst207 @[email protected] ·

    TeamPCP Open-Sources Shai-Hulud Worm, Fuels Malware Proliferation

    Malware mayhem takes a dark turn as TeamPCP open-sources the notorious Shai-Hulud Worm, sparking concerns of widespread malware proliferation. Security experts warn that independent threat actors are already modifying and expanding its reach.

    osintsights.com/teampcp-open-s

    #MalwareOperations #ShaihuludWorm #Teampcp #OpensourceMalware #EmergingThreats

    #malwareoperations #shaihuludworm #teampcp #opensourcemalware #emergingthreats
  11. AmmarSpaces @[email protected] ·

    TeamPCP has open sourced their Shai-Hulud project.

    It can be downloaded here.

    vx-underground.org/tmp

    #cybersecurity #infosec #teampcp #shaihuludmalware #supplychainattack

    #cybersecurity #infosec #teampcp #shaihuludmalware #supplychainattack
  12. github.com/ghostwriter @[email protected] ·

    🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.

    [email protected]
    [email protected]

    socket.dev/blog/tanstack-npm-p

    #TeamPCP #SupplyChainAttack

    #npm #composerphp #pypi #teampcp #supplychainattack
  13. github.com/ghostwriter @[email protected] ·

    🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.

    [email protected]
    [email protected]

    socket.dev/blog/tanstack-npm-p

    #TeamPCP #SupplyChainAttack

    #npm #composerphp #pypi #teampcp #supplychainattack
  14. github.com/ghostwriter @[email protected] ·

    🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.

    [email protected]
    [email protected]

    socket.dev/blog/tanstack-npm-p

    #TeamPCP #SupplyChainAttack

    #npm #composerphp #pypi #teampcp #supplychainattack
  15. github.com/ghostwriter @[email protected] ·

    🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.

    [email protected]
    [email protected]

    socket.dev/blog/tanstack-npm-p

    #TeamPCP #SupplyChainAttack

    #supplychainattack #teampcp #pypi #composerphp #npm
  16. github.com/ghostwriter @[email protected] ·

    🚨 UPDATE: Mini Shai-Hulud has crossed from #NPM into #ComposerPHP/#Packagist and now #PyPI… and is still spreading.

    [email protected]
    [email protected]

    socket.dev/blog/tanstack-npm-p

    #TeamPCP #SupplyChainAttack

    #npm #composerphp #pypi #teampcp #supplychainattack
  17. Analyst207 @[email protected] ·

    Checkmarx Plugin Compromised with Infostealer in Supply-Chain Attack

    A rogue version of Checkmarx's Jenkins Application Security Testing plugin was compromised by the TeamPCP hacker group, who left a taunting message in the about section, claiming another supply-chain attack success. The group has been linked to a string of similar breaches, delivering credential-stealing malware.

    osintsights.com/checkmarx-plug

    #SupplyChainAttack #Teampcp #Jenkins #Checkmarx #Infostealer

    #supplychainattack #teampcp #jenkins #checkmarx #infostealer
  18. Nightfighter 🛡️ @[email protected] ·

    Researchers have spotted a modular cloud worm that will clear you of any infections by the dangerous supply chain attacker "TeamPCP," free of charge. The catch: It wants your secrets.

    #malware #worm #teampcp #stealet

    sentinelone.com/labs/cloud-wor

    #malware #worm #teampcp #stealet
  19. The New Oil @[email protected] ·

    New #PCPJack worm steals credentials, cleans #TeamPCP infections

    bleepingcomputer.com/news/secu

    #cybersecurity #malware

    #pcpjack #teampcp #cybersecurity #malware
  20. The Threat Codex @[email protected] ·

    PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
    #PCPJack #TeamPCP
    sentinelone.com/labs/cloud-wor

    #pcpjack #teampcp
  21. (in)sicurezza digitale @[email protected] ·

    Mini Shai-Hulud: TeamPCP compromette i pacchetti npm ufficiali di SAP in un attacco supply chain enterprise

    Il gruppo TeamPCP ha compromesso i pacchetti npm ufficiali di SAP in un attacco supply chain denominato 'Mini Shai-Hulud': versioni malevole pubblicate il 29 aprile 2026 rubano credenziali AWS, Azure, GCP, token GitHub e segreti CI/CD tramite un payload multistadio basato sul runtime Bun, con esfiltrazione cifrata su repository GitHub pubblici.

    insicurezzadigitale.com/mini-s

    #backdoor #infosec #malware #npm #sap #supplychain
  22. The New Oil @[email protected] ·

    #Checkmarx confirms #LAPSUS$ hackers leaked its stolen #GitHub data

    bleepingcomputer.com/news/secu

    #cybersecurity #DataBreach #TeamPCP #Trivy

    #checkmarx #lapsus #github #cybersecurity #databreach #teampcp
  23. The New Oil @[email protected] ·

    #Checkmarx confirms #LAPSUS$ hackers leaked its stolen #GitHub data

    bleepingcomputer.com/news/secu

    #cybersecurity #DataBreach #TeamPCP #Trivy

    #checkmarx #lapsus #github #cybersecurity #databreach #teampcp
  24. The New Oil @[email protected] ·

    #Checkmarx confirms #LAPSUS$ hackers leaked its stolen #GitHub data

    bleepingcomputer.com/news/secu

    #cybersecurity #DataBreach #TeamPCP #Trivy

    #checkmarx #lapsus #github #cybersecurity #databreach #teampcp
  25. The New Oil @[email protected] ·

    #Checkmarx confirms #LAPSUS$ hackers leaked its stolen #GitHub data

    bleepingcomputer.com/news/secu

    #cybersecurity #DataBreach #TeamPCP #Trivy

    #trivy #teampcp #databreach #cybersecurity #github #lapsus
  26. The New Oil @[email protected] ·

    #Checkmarx confirms #LAPSUS$ hackers leaked its stolen #GitHub data

    bleepingcomputer.com/news/secu

    #cybersecurity #DataBreach #TeamPCP #Trivy

    #checkmarx #lapsus #github #cybersecurity #databreach #teampcp
  27. 𝙽𝙴𝚃𝚁𝙴𝚂𝙴𝙲 @[email protected] ·

    @da_667 @malware_traffic Not sure if related :blobcatgooglyshrug:
    akamai.com/blog/security-resea

    #TeamPCP

    #teampcp
  28. Hackread.com @Hackread ·

    🚨 TeamPCP hijacks Bitwarden CLI in supply chain attack, abusing GitHub Dependabot to deploy Shai-Hulud malware and steal developer secrets, poison AI coding tools.

    Read: hackread.com/teampcp-bitwarden

    #cybersecurity #teampcp #malware #bitwarden #github #dependabot
  29. Hackread.com @[email protected] ·

    🚨 TeamPCP hijacks Bitwarden CLI in supply chain attack, abusing GitHub Dependabot to deploy Shai-Hulud malware and steal developer secrets, poison AI coding tools.

    Read: hackread.com/teampcp-bitwarden

    #CyberSecurity #TeamPCP #Malware #Bitwarden #GitHub #Dependabot

    #cybersecurity #teampcp #malware #bitwarden #github #dependabot
  30. Hackread.com @[email protected] ·

    🚨 TeamPCP hijacks Bitwarden CLI in supply chain attack, abusing GitHub Dependabot to deploy Shai-Hulud malware and steal developer secrets, poison AI coding tools.

    Read: hackread.com/teampcp-bitwarden

    #CyberSecurity #TeamPCP #Malware #Bitwarden #GitHub #Dependabot

    #cybersecurity #teampcp #malware #bitwarden #github #dependabot
  31. Hackread.com @[email protected] ·

    🚨 TeamPCP hijacks Bitwarden CLI in supply chain attack, abusing GitHub Dependabot to deploy Shai-Hulud malware and steal developer secrets, poison AI coding tools.

    Read: hackread.com/teampcp-bitwarden

    #CyberSecurity #TeamPCP #Malware #Bitwarden #GitHub #Dependabot

    #dependabot #github #bitwarden #malware #teampcp #cybersecurity
  32. Hackread.com @[email protected] ·

    🚨 TeamPCP hijacks Bitwarden CLI in supply chain attack, abusing GitHub Dependabot to deploy Shai-Hulud malware and steal developer secrets, poison AI coding tools.

    Read: hackread.com/teampcp-bitwarden

    #CyberSecurity #TeamPCP #Malware #Bitwarden #GitHub #Dependabot

    #cybersecurity #teampcp #malware #bitwarden #github #dependabot
  33. Chris | cy @[email protected] ·

    check your #bitwarden cli clients socket.dev/blog/bitwarden-cli-
    #teampcp #npm

    #teampcp #npm #bitwarden
  34. The Threat Codex @[email protected] ·

    TeamPCP strikes again: Xinference PyPI package compromised
    #TeamPCP
    research.jfrog.com/post/xinfer

    #teampcp
  35. (in)sicurezza digitale @[email protected] ·

    Checkmarx nel mirino di TeamPCP: l’immagine Docker ufficiale di KICS trojanizzata per esfiltrare i segreti dell’infrastruttura

    Per la seconda volta in due mesi, il gruppo TeamPCP ha violato la supply chain di Checkmarx, pubblicando immagini Docker trojanizzate del security scanner KICS ed estensioni VS Code maligne capaci di rubare token cloud, credenziali GitHub e chiavi SSH. Il payload mcpAddon.js, consegnato tramite runtime Bun da un commit retrodatato, punta a trasformare ogni pipeline CI/CD in un punto di esfiltrazione.

    insicurezzadigitale.com/checkm

    #checkmarx #cybercrime #dockerhub #infosec #kics #malware
  36. Analyst207 @[email protected] ·

    TeamPCP Infiltrates Security Infrastructure with Multi-Stage Supply Chain Attack

    When security tools meant to safeguard networks become the entry point for attacks, trust is shattered - and that's exactly what's happening with TeamPCP's multi-stage supply chain attacks on security infrastructure. This sinister tactic lets threat actors turn protectors into launchpads for wider compromise.

    osintsights.com/teampcp-infilt

    #Teampcp #SupplyChainAttack #SecurityInfrastructure #Unit42 #VectRansomware

    #teampcp #supplychainattack #securityinfrastructure #unit42 #vectransomware
  37. The New Oil @[email protected] ·

    #CERTEU: #EuropeanCommission hack exposes data of 30 #EU entities

    bleepingcomputer.com/news/secu

    #cybersecurity #DataBreach #Europe #TeamPCP

    #certeu #europeancommission #eu #cybersecurity #databreach #europe
  38. Hackread.com @[email protected] ·

    AI firm Mercor confirms a breach linked to the #LiteLLM supply chain attack, as hackers claim 4TB of stolen data.

    Read: hackread.com/ai-firm-mercor-br

    #CyberSecurity #DataBreach #Mercor #AI #TeamPCP #Lapsus

    #litellm #cybersecurity #databreach #mercor #ai #teampcp
  39. Hackread.com @Hackread ·

    AI firm Mercor confirms a breach linked to the supply chain attack, as hackers claim 4TB of stolen data.

    Read: hackread.com/ai-firm-mercor-br

    #litellm #cybersecurity #databreach #mercor #ai #teampcp
  40. Hackread.com @[email protected] ·

    AI firm Mercor confirms a breach linked to the #LiteLLM supply chain attack, as hackers claim 4TB of stolen data.

    Read: hackread.com/ai-firm-mercor-br

    #CyberSecurity #DataBreach #Mercor #AI #TeamPCP #Lapsus

    #litellm #cybersecurity #databreach #mercor #ai #teampcp
  41. Hackread.com @[email protected] ·

    AI firm Mercor confirms a breach linked to the #LiteLLM supply chain attack, as hackers claim 4TB of stolen data.

    Read: hackread.com/ai-firm-mercor-br

    #CyberSecurity #DataBreach #Mercor #AI #TeamPCP #Lapsus

    #lapsus #teampcp #ai #mercor #databreach #cybersecurity
  42. Hackread.com @[email protected] ·

    AI firm Mercor confirms a breach linked to the #LiteLLM supply chain attack, as hackers claim 4TB of stolen data.

    Read: hackread.com/ai-firm-mercor-br

    #CyberSecurity #DataBreach #Mercor #AI #TeamPCP #Lapsus

    #litellm #cybersecurity #databreach #mercor #ai #teampcp
  43. The Threat Codex @[email protected] ·

    TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments
    #TeamPCP #CVE_2026_33634 #Trivy #ShinyHunters
    isc.sans.edu/diary/32864

    #teampcp #cve_2026_33634 #trivy #shinyhunters
  44. The Threat Codex @[email protected] ·

    Tracking TeamPCP: Investigating Post-Compromise Attacks Seen in the Wild
    #TeamPCP
    wiz.io/blog/tracking-teampcp-i

    #teampcp
  45. Anup Karanjkar @[email protected] ·

    The TeamPCP Attack: How One Stolen Token Compromised Trivy, LiteLLM, and 47 npm Packages — What Every Developer Must Do Now

    A single stolen automation token let the TeamPCP threat actor inject malicious code into Trivy, LiteLLM, and 47 npm packages in under 72 hours. Here is the full timeline, how to...

    wowhow.cloud/blogs/teampcp-sup

    #wowhow #supplychainattack #teampcp #trivy

    #wowhow #supplychainattack #teampcp #trivy
  46. ccinfo.nl @[email protected] ·

    NB411: AJAX GEHACKT, MINISTERIE ONDER VUUR EN SUPPLY CHAIN AANVALLEN ESCALEREN

    Ajax verliest data van 300.000 fans. Ministerie van Financiën gehackt. TeamPCP compromitteert Trivy en LiteLLM. Vier botnets ontmanteld. iPhone exploits op GitHub.

    ccinfo.nl/menu-nieuws-trends/n
    youtu.be/MBerzPWm7Ns

    #Nieuwsbrief #ccinfo #cybersecurity #Ajax #TeamPCP #Nederland

    #nieuwsbrief #ccinfo #cybersecurity #ajax #teampcp #nederland
  47. Günter Born @[email protected] ·

    Setzt jemand aus der Leserschaft #Databricks ein? Die wurden (mutmaßlich) Opfer eines Lieferkettenangriffs durch #TeamPCP. Das eigene Unternehmen könnte kompromittiert sein (wenn z.B. das das Python-Paket von LiteLLM im Einsatz ist).

    borncity.com/blog/2026/03/30/d

    #databricks #teampcp
  48. Hackread.com @[email protected] ·

    #TeamPCP strikes again. Hackers hid credential-stealing malware inside a fake ringtone file in tainted #Telnyx SDK versions, targeting developers via a supply chain attack.

    Read: hackread.com/teampcp-fake-ring

    #CyberSecurity #DataBreach #SupplyChainAttack #Malware

    #teampcp #telnyx #cybersecurity #databreach #supplychainattack #malware
  49. The Threat Codex @[email protected] ·

    TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours
    #TeamPCP
    isc.sans.edu/diary/rss/32842

    #teampcp
  50. PrivacyDigest @[email protected] ·

    Popular #LiteLLM #PyPI package #backdoored to steal #credentials , auth #tokens

    The #TeamPCP #hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI & claiming to have stolen data from hundreds of thousands of devices during the attack.

    LiteLLM is an open-source #Python library that serves as a gateway to multiple large language model ( #LLM ) providers via a single #API.
    #privacy #security #supplychain

    bleepingcomputer.com/news/secu

    #supplychain #security #privacy #api #llm #python