#teampcp

#cybersecurity
Information security
from SecurityWeek
3 days ago

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The TeamPCP hacking group expanded its attacks to multiple platforms, exploiting vulnerabilities and compromising credentials for malicious purposes.
Information security
from The Hacker News
3 days ago

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD Compromise

TeamPCP compromised the litellm Python package, embedding malicious versions that include a credential harvester and a persistent backdoor.
from Ars Technica
3 days ago

Self-propagating malware poisons open source software and wipes Iran-based machines

CanisterWorm, as Aikido has named the malware, targets organizations' CI/CD pipelines used for rapid development and deployment of software. Every developer or CI pipeline that installs this package and has an npm token accessible becomes an unwitting propagation vector.
Information security
from The Hacker News
1 month ago

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

A worm-driven TeamPCP campaign exploited exposed cloud-native services and React2Shell to build malicious infrastructure for data theft, extortion, ransomware, and crypto mining.