#TeamPCP hackers advertise #Mistral #AI code repos for sale

https://www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/

#cybersecurity

TeamPCP hackers target Mistral AI code repos for sale

Hackers from TeamPCP are demanding $25,000 for nearly 5 gigabytes of stolen Mistral AI code, threatening to leak it for free if they don't find a buyer within a week. The group claims to have snagged around 450 internal repositories, including sensitive source code used for training and model delivery.

https://osintsights.com/teampcp-hackers-target-mistral-ai-code-repos-for-sale?utm_source=mastodon&utm_medium=social

#Teampcp #Ransomware #EmergingThreats #MistralAi #CodeRepositories

📢⚠️ A #TeamPCP-linked account claims to be selling alleged internal Mistral AI repositories days after the Mini Shai-Hulud supply chain attacks targeted npm and PyPI packages linked to the AI company.

Read: https://hackread.com/teampcp-mistral-ai-repositories-mini-shai-hulud-attack/

#CyberSecurity #MistralAI #MiniShaiHulud #DataBreach

Research reveals that #TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

Read: https://hackread.com/teampcp-mini-shai-hulud-worm-npm-pypi-packages/

#CyberSecurity #Malware #ShaiHulud #CyberAttack #npm

More supply chain attacks incoming! Exciting! We are so fudged! Maybe, we''ll see.

From the Telegram channel of Breached/BreachForums:

Breached has teamed up with TeamPCP to host the first ever supply chain competition! Whoever is able to conduct the biggest supply chain operation using the now open source Shai Hulud worm will be congratulated and will receive a prize of $1000 USD in XMR from @diencracked. Make sure to read the rules posted in the announcement first.

#Supplychain #TeamPCP #ShaiHulud #ShaiHuludWorm

TeamPCP Open-Sources Shai-Hulud Worm, Fuels Malware Proliferation

Malware mayhem takes a dark turn as TeamPCP open-sources the notorious Shai-Hulud Worm, sparking concerns of widespread malware proliferation. Security experts warn that independent threat actors are already modifying and expanding its reach.

https://osintsights.com/teampcp-open-sources-shai-hulud-worm-fuels-malware-proliferation?utm_source=mastodon&utm_medium=social

#MalwareOperations #ShaihuludWorm #Teampcp #OpensourceMalware #EmergingThreats

TeamPCP has open sourced their Shai-Hulud project.

It can be downloaded here.

https://vx-underground.org/tmp

#cybersecurity #infosec #teampcp #shaihuludmalware #supplychainattack

Shai Hulud Campaign Targets Developers with Malicious npm Packages

Malicious actors have unleashed a barrage of 84 tainted versions of popular software packages, cleverly disguising them with legitimate credentials to deceive developers. The Shai Hulud campaign, linked to the TeamPCP threat group, has been wreaking havoc on the software supply chain since September.

https://osintsights.com/shai-hulud-campaign-targets-developers-with-malicious-npm-packages?utm_source=mastodon&utm_medium=social

#ShaiHulud #Teampcp #MaliciousNpmPackages #SupplyChain #EmergingThreats

Checkmarx Plugin Compromised with Infostealer in Supply-Chain Attack

A rogue version of Checkmarx's Jenkins Application Security Testing plugin was compromised by the TeamPCP hacker group, who left a taunting message in the about section, claiming another supply-chain attack success. The group has been linked to a string of similar breaches, delivering credential-stealing malware.

https://osintsights.com/checkmarx-plugin-compromised-with-infostealer-in-supply-chain-attack?utm_source=mastodon&utm_medium=social

#SupplyChainAttack #Teampcp #Jenkins #Checkmarx #Infostealer