A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Who is TeamPCP, the rising hacker group targeting open-source software and AI tools?

TeamPCP is an increasingly notorious group of cybercriminals that carry out software supply chain attacks, where hundreds of ...

Hackers hack victims hacked by other hackers

An unknown group of hackers is breaking into systems previously breached by the cybercrime group TeamPCP. Once inside, the ...
Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
Infosecurity Magazine

GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...
Bleeping Computer

TeamPCP hackers advertise Mistral AI code repos for sale

The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. In a post on a hacker forum, the threat actor is asking $25,000 for a set ...
Opinion

The software supply chain is the new ground zero for enterprise cyber risk. Don’t get caught short

The software supply chain is the new ground zero for enterprise cyber risk. Don't get caught short - SiliconANGLE ...

GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...
The Hacker News

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub lost 3,800 internal repos after poisoned Nx Console update exposed developer credentials and supply-chain risk.