TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages
ID: 4f8de37e-ad53-56b8-a3d6-4d5c52150e5b
STIX ID: report--4f8de37e-ad53-56b8-a3d6-4d5c52150e5b
Feed Name: HackRead
A threat actor identified as TeamPCP executed a high-speed, coordinated supply-chain attack (Mini Shai-Hulud) on 11–12 May 2026, poisoning hundreds of npm and PyPI packages (over 400 malicious versions across ~172 packages) by abusing CI/CD via stolen OIDC tokens and valid SLSA attestations. The malicious packages delivered a self-propagating worm and credential stealer that targeted AWS, Vault, and GitHub tokens, used the stolen tokens to spread further across projects, and exfiltrated data via the Oxen network. Registries and vendors have removed or quarantined the affected releases and recommend immediate lockfile audits and full credential rotations.
