logo

How software development’s speed obsession enabled TeamPCP’s chaos crusade

ID: ea10c1d2-810d-5268-9d67-88e522a85af9

STIX ID: report--ea10c1d2-810d-5268-9d67-88e522a85af9

Feed Name: CyberScoop

Threat Score
85/100

Date Published: 2026-06-18

Date Updated: 2026-06-18

Author: Matt Kapko

...
...

TeamPCP is running a high-tempo software supply-chain campaign that injects credential-stealing malware and a self-replicating worm into open-source packages and CI/CD workflows across npm, PyPI, GitHub and other registries, compromising hundreds to thousands of packages (claimed ~500M weekly downloads) to harvest cloud and Kubernetes credentials and propagate further; defenders struggle with rapid automated deployments, unreleased secret rotation, and frequent re-infections.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.