The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave

Wiz Research details a coordinated software supply-chain campaign (attributed to "TeamPCP" with moderate confidence) that compromised numerous npm packages, GitHub Actions, and a VSCode extension to deploy credential-stealing malware, exfiltrate developer secrets via attacker-created GitHub repositories, and maintain persistence with a Python backdoor that polls GitHub for signed commands.