The New Oil21h ago

New #PCPJack worm steals credentials, cleans #TeamPCP infections

https://www.bleepingcomputer.com/news/security/new-pcpjack-worm-steals-credentials-cleans-teampcp-infections/

#cybersecurity #malware

New PCPJack worm steals credentials, cleans TeamPCP infections

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing TeamPCP's access to the systems.

BleepingComputer
Meteora Web1d ago

🚨 NEWS: Cybercrime 2026. Hackers che Hackerano Altri Hacker e l'Ascesa della Difesa AI

Ecco i punti chiave in breve:
💡 Il panorama della sicurezza informatica nel 2026 sta vivendo una trasformazione senza precedenti, alimentata da dinamiche di conflitto tra gruppi criminali, dall'impiego massiccio...

🚀 LINK: https://meteoraweb.com/news/cybercrime-2026-hackers-che-hackerano-altri-hacker-e-lascesa-della-difesa-ai

#cybercrime #hacking #teamPCP #mythosAnthropic #firefox

Daniel Marsh1d ago

The cloud threat landscape just got a lot more interesting. PCPJack, a new credential-stealing worm, is aggressively targeting cloud infrastructure like Docker, Kubernetes, and major providers (AWS, Google Cloud, Azure). But here's the twist: it's actively seeking out and removing rival malware, TeamPCP, even reporting "PCP replaced" metrics. This "turf war" suggests a deeper, more strategic…

https://www.tpp.blog/zz392cx

#cybersecurity #pcpjack #teampcp

🤖 This post was AI-generated.

The Threat Codex1d ago
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
#PCPJack #TeamPCP
https://www.sentinelone.com/labs/cloud-worm-evicts-teampcp-and-steals-credentials-at-scale/
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale

Cloud attack framework skips cryptomining, harvests financial, messaging, and enterprise credentials for fraud, spam, and potential extortion.

SentinelOne
(in)sicurezza digitaleApr 30

Mini Shai-Hulud: TeamPCP compromette i pacchetti npm ufficiali di SAP in un attacco supply chain enterprise

Il gruppo TeamPCP ha compromesso i pacchetti npm ufficiali di SAP in un attacco supply chain denominato 'Mini Shai-Hulud': versioni malevole pubblicate il 29 aprile 2026 rubano credenziali AWS, Azure, GCP, token GitHub e segreti CI/CD tramite un payload multistadio basato sul runtime Bun, con esfiltrazione cifrata su repository GitHub pubblici.

https://insicurezzadigitale.com/mini-shai-hulud-teampcp-compromette-i-pacchetti-npm-ufficiali-di-sap-in-un-attacco-supply-chain-enterprise/

The New OilApr 29

#Checkmarx confirms #LAPSUS$ hackers leaked its stolen #GitHub data

https://www.bleepingcomputer.com/news/security/checkmarx-confirms-lapsus-hackers-leaked-its-stolen-github-data/

#cybersecurity #DataBreach #TeamPCP #Trivy

Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data

Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.

BleepingComputer
Show thread𝙽𝙴𝚃𝚁𝙴𝚂𝙴𝙲Apr 29

@da_667 @malware_traffic Not sure if related  
https://www.akamai.com/blog/security-research/telnyx-sdk-pypi-2026-teampcp-supply-chain-attacks

#TeamPCP

Hackread.comApr 24

🚨 TeamPCP hijacks Bitwarden CLI in supply chain attack, abusing GitHub Dependabot to deploy Shai-Hulud malware and steal developer secrets, poison AI coding tools.

Read: https://hackread.com/teampcp-bitwarden-cli-dependabot-shai-hulud-malware/

#CyberSecurity #TeamPCP #Malware #Bitwarden #GitHub #Dependabot

TeamPCP Hijacks Bitwarden CLI, Uses Dependabot to Deploy Shai-Hulud Malware

GitGuardian uncovers TeamPCP attack on Bitwarden CLI, abusing GitHub Dependabot to spread Shai-Hulud and poison AI coding tools.

Hackread - Cybersecurity News, Data Breaches, AI and More
Chris | cyApr 23
check your #bitwarden cli clients https://socket.dev/blog/bitwarden-cli-compromised
#teampcp #npm
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.

Socket
The Threat CodexApr 23
TeamPCP strikes again: Xinference PyPI package compromised
#TeamPCP
https://research.jfrog.com/post/xinference-compromise/
TeamPCP strikes again: Xinference PyPI package compromised - JFrog Security Research

The JFrog security research team recently identified a supply chain attack targeting the `xinference` package on PyPI. Versions 2.6.0, 2.6.1, and 2.6.2 were compromised and yanked by maintainers after users reported suspicious behavior. If you installed or imported these versions, you must assume your environment is compromised.