
TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows (Wed, Apr 1st)

ID: 49455d28-c383-5efc-8734-7c69f4e5a95d

STIX ID: report--49455d28-c383-5efc-8734-7c69f4e5a95d

Feed Name: SANS ISC Diary

Threat Score: 90/100

Date Published: 2026-04-01

Date Updated: 2026-04-19


This update consolidates developments in the TeamPCP supply-chain campaign. Mercor AI publicly confirmed a LiteLLM-driven breach with significant data exfiltration. Wiz published a detailed account of post-compromise AWS/Azure enumeration behaviors. The axios npm incident was attributed to DPRK-linked UNC1069, although the token provenance remains unclear. LiteLLM releases resumed after a Mandiant forensic audit, and ownCloud disclosed build-infrastructure impact. The update also tracks the overall supply-chain pause and remediation deadlines.
