6 articles tagged with "Teampcp"
TeamPCP compromised the popular telnyx Python SDK on PyPI, hiding credential-stealing malware inside WAV audio files. Versions 4.87.1 and 4.87.2 affected—downgrade immediately.
Stolen CI credentials from Trivy breach enabled TeamPCP to compromise Checkmarx KICS GitHub Actions, poisoning all 35 version tags with credential-stealing malware in four-hour window.
Malicious LiteLLM versions 1.82.7 and 1.82.8 deployed credential harvester, Kubernetes lateral movement tools, and persistent backdoor. Package sees 3 million daily downloads.
TeamPCP's supply chain attack expands with a Kubernetes wiper that detects Iranian systems via timezone and locale, wiping clusters while backdooring everyone else.
TeamPCP threat actors hijacked Aqua Security's Trivy vulnerability scanner, compromising 75 GitHub Action tags and spreading credential-stealing malware to 47 npm packages via blockchain C2.
Cloud-native worm campaign by TeamPCP has compromised 60,000+ servers by exploiting Docker APIs, Kubernetes, and React2Shell. Flare researchers detail the industrialized operation.