Hackers just cloned Cisco's crown jewels—over 300 private repos with AI code and gov client data—via a tainted Trivy scanner. Google's now calling the culprits UNC6780, but the extortion game's hitting snags.
Imagine your AI gateway — that trusty LiteLLM proxy — quietly siphoning API keys to hackers. TeamPCP's supply chain hit proves dev tools are prime targets now.
Ever wonder if that innocent Python SDK you're pip-installing is a credential thief in disguise? TeamPCP's latest Telnyx gambit proves it — and it's cross-platform nasty.
Hackers waltzed into the European Commission's AWS cloud with a pilfered API key, swiping data from 30 EU outfits. CERT-EU calls it TeamPCP's work—supply-chain slop at its finest.
Databricks is scrambling to verify a potential TeamPCP breach, while the group unleashes dual ransomware tracks and dumps AstraZeneca data for free. This isn't just another hack—it's a monetization masterclass.
A worm called CanisterWorm just lit up Iranian cloud setups, wiping data based on time zones and language. Behind it? TeamPCP, who own 97% of their hits on Azure and AWS misconfigs.
Your cloud bill explodes overnight — crypto rigs humming on your dime. That's TeamPCP breaches in action, turning pilfered credentials into instant chaos for businesses everywhere.
Attackers slipped infostealers into GitHub Actions and PyPI, turning vulnerability scanners against their users. Over 500,000 machines lost cloud tokens, SSH keys, and Kubernetes secrets in this escalating nightmare.
Your next PyPI download could hand hackers your cloud keys. TeamPCP's blending supply chain hacks with extortion gangs, turning dev tools into ransomware launchpads.