Your Supply Chain Breach Is Someone Else's Payday
ID: 093158dd-0c7e-5765-a15f-6c0936d2298b
STIX ID: report--093158dd-0c7e-5765-a15f-6c0936d2298b
Feed Name: Recorded Future Blog
TeamPCP used stolen developer credentials to push credential-harvesting malware into widely used software, including the LiteLLM Python package and Checkmarx GitHub Actions. The campaign exfiltrated API keys, cloud credentials, and secrets and caused cascading supply-chain compromises across five ecosystems. It enables extortion, payroll redirection, logistics fraud, and other large-scale impacts. The report recommends immediate credential rotation, pipeline audits, dependency pinning, and continuous AI-driven integrity and identity monitoring.
