TeamPCP
PulseAugur coverage of TeamPCP — every cluster mentioning TeamPCP across labs, papers, and developer communities, ranked by signal.
-
AI coding tools exploited in new Miasma Worm credential theft attacks
A new supply chain attack, dubbed Miasma Worm, has emerged, leveraging configuration files within AI coding tools to steal credentials. Attackers exploit features like session start hooks in tools such as Claude Code an…
-
AI coding tools targeted by evolving 'Hades' malware campaign
A sophisticated cyberattack campaign, tracked as UNC6780 or TeamPCP, has evolved to target AI coding tools, including Claude Code. The malware, now named "Hades: The End for the Damned," spreads through Python and manip…
-
TeamPCP Supply Chain Campaign Active Through June 2026
A cybersecurity campaign dubbed "TeamPCP" has shown continued activity through June 7th, 2026. The SANS Internet Storm Center is tracking this supply chain attack, which was first documented earlier. The campaign involv…
-
Microsoft packages compromised twice with credential-stealing AI malware
Microsoft's official open-source packages have been compromised for the second time in recent weeks, with malicious code designed to steal credentials being injected into 73 packages. This code activates when developers…
-
Miasma worm exploits AI tools to compromise 73 Microsoft GitHub repos
A sophisticated supply chain attack, dubbed Miasma, has compromised 73 Microsoft repositories on GitHub, including critical ones for Azure and MicrosoftDocs. This self-replicating worm, a variant of Mini Shai-Hulud, exp…
-
Microsoft GitHub Repos Hacked, Malware Targets AI Coding Tool Users
Microsoft has disabled over 70 of its GitHub repositories, including those related to Azure and AI coding agents, following a security incident. Hackers had previously compromised a Microsoft development tool, pushing m…
-
Miasma malware targets developers via compromised npm packages
A sophisticated malware campaign, dubbed Miasma by Microsoft, has targeted developers by compromising 32 npm packages under the `@redhat-cloud-services` umbrella. This attack plants backdoors in developer tools like Cla…
-
GitHub alternatives emerge amid security concerns and TOS changes
GitHub is facing scrutiny due to a recent security breach and changes to its terms of service, prompting a look at alternatives. The article analyzes various platforms, categorizing them into open-source/self-hosted opt…
-
Malicious packages with valid provenance exploit GitHub Actions flaws
A sophisticated attack campaign, dubbed "Mini Shai-Hulud" by the group TeamPCP, has successfully compromised numerous open-source packages across npm and PyPI, including prominent ones like TanStack, Mistral AI, and UiP…
-
TeamPCP compromises LiteLLM, exposing 500K credentials in AI supply chain attack
A significant supply chain attack has impacted the AI development landscape, with the group TeamPCP compromising the LiteLLM tool. This breach resulted in the theft of 300GB of data and the exposure of 500,000 credentia…
-
Shai-Hulud malware infects Red Hat npm packages
The Shai-Hulud malware has compromised versions of Red Hat's npm packages, with approximately 80,000 downloads occurring weekly. This malicious software is suspected to be the work of the TeamPCP group or a copycat. The…
-
GitHub Actions security tools compromised by mutable tag exploits
A malicious actor known as "TeamPCP" compromised popular security tools like Trivy and KICS by force-pushing mutable tags on their GitHub Actions repositories between March 19 and March 24, 2026. This allowed the attack…
-
TeamPCP exploits GitHub, Grafana, and VS Code in supply chain attacks
A coordinated series of cyberattacks, attributed to the group TeamPCP, has exploited vulnerabilities across the software supply chain. These attacks, which began with a malicious VS Code extension on a GitHub employee's…
-
Hacker group targets open source; Google DeepMind CEO sees AI science shift
A hacker group known as TeamPCP is reportedly conducting large-scale attacks on open-source code repositories, with GitHub being a recent target. This group is allegedly poisoning software supply chains through these at…
-
TeamPCP hackers breach GitHub internal repos via malicious VS Code extension
The hacker group TeamPCP has breached GitHub's internal repositories, potentially compromising source code after a GitHub employee installed a malicious VS Code extension. The group claims to have exfiltrated approximat…
-
Checkmarx uncovers TeamPCP sabotage of Jenkins plugin
Security researchers at Checkmarx have identified a new supply chain attack targeting the Jenkins CI/CD platform. Threat actors known as TeamPCP are exploiting a vulnerability in a Jenkins plugin to compromise developer…
-
TeamPCP steals 300GB, exposes 500K credentials in LiteLLM attack
A significant supply chain attack has impacted the AI development landscape, with the TeamPCP group compromising LiteLLM. This breach resulted in the theft of 300GB of data and exposed 500,000 credentials. The attack ha…
-
Vect's ransomware is a data wiper, making victim data unrecoverable
Cybersecurity researchers have discovered that the ransomware used by the Vect group, which has targeted numerous organizations since January, is actually a data wiper. This malware permanently destroys files larger tha…
-
New npm worm steals AI dev secrets, spreads to other packages
A new supply chain worm, similar to previous attacks attributed to TeamPCP, is spreading through compromised npm packages. This malware targets developers by stealing sensitive information like API keys and cryptocurren…