#teampcp tag - Briefly

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

fromSecurityWeek

1 week ago

Information security

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

Information security

fromTechzine Global

1 week ago

Attackers exploit open source to spread malware

TeamPCP poses a significant threat to cloud platforms and open-source software through evolving cyber attacks on software supply chains.

fromThe Hacker News

1 week ago

Information security

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD Compromise

TeamPCP compromised the litellm Python package, embedding malicious versions that include a credential harvester and a persistent backdoor.

EU data protection

fromTechCrunch

14 hours ago

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

Information security

fromSecurityWeek

1 week ago

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

TeamPCP hacking group expanded its attacks to multiple platforms, exploiting vulnerabilities and compromising credentials for malicious purposes.

Information security

fromTechzine Global

1 week ago

Attackers exploit open source to spread malware

TeamPCP poses a significant threat to cloud platforms and open-source software through evolving cyber attacks on software supply chains.

Information security

fromThe Hacker News

1 week ago

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD Compromise

TeamPCP compromised the litellm Python package, embedding malicious versions that include a credential harvester and a persistent backdoor.

Mercor, a $10 billion AI startup, confirms it was caught up in a major security incident | Fortune

Mercor confirmed a security breach linked to a supply chain attack that may have exposed sensitive data of its customers.

fromSecurityWeek

4 days ago

Telnyx Targeted in Growing TeamPCP Supply Chain Attack

The WAV file is a valid audio file. It passes MIME-type checks. But the audio frame data contains a base64-encoded payload. Decode the frames, take the first 8 bytes as the XOR key, XOR the rest, and you have your executable or Python script.

Python

fromArs Technica

1 week ago

Self-propagating malware poisons open source software and wipes Iran-based machines

CanisterWorm, as Aikido has named the malware, targets organizations' CI/CD pipelines used for rapid development and deployment of software. Every developer or CI pipeline that installs this package and has an npm token accessible becomes an unwitting propagation vector.

Information security

fromThe Hacker News

1 month ago

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

A worm-driven TeamPCP campaign exploited exposed cloud-native services and React2Shell to build malicious infrastructure for data theft, extortion, ransomware, and crypto mining.

#teampcp#teampcp

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

Attackers exploit open source to spread malware

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD Compromise

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

Attackers exploit open source to spread malware

TeamPCP Backdoors LiteLLM Versions 1.82.7-1.82.8 Likely via Trivy CI/CD Compromise

Mercor, a $10 billion AI startup, confirms it was caught up in a major security incident | Fortune

Telnyx Targeted in Growing TeamPCP Supply Chain Attack

Self-propagating malware poisons open source software and wipes Iran-based machines

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

#teampcp
#teampcp