TeamPCP
-
techPerplexity Open-Sources Bumblebee to Scan Developer Machines Without Triggering Malware
Perplexity releases Bumblebee, a read-only scanner that detects compromised software, browser extensions, and AI configs without running the code.
-
techHacker Group TeamPCP Poisons Open Source Code at Unprecedented Scale
TeamPCP has breached GitHub and hundreds of firms via software supply chain attacks, using a self-spreading worm to steal credentials and data.
-
techGitHub Breach: Hacker Group Steals 3,800 Internal Repos via Poisoned VS Code Extension
GitHub confirmed a breach where a poisoned VS Code extension led to the exfiltration of 3,800 internal repositories. Customer data was not impacted.
-
techGitHub Breached: 3,800 Internal Repos Stolen via Poisoned VS Code Extension
TeamPCP compromised GitHub via a malicious VS Code extension, stealing source code for Actions, Copilot, and CodeQL, now sold for $50,000.
-
techShai-Hulud Malware Exploits Software Supply Chains, Hits OpenAI and Microsoft
A sophisticated malware campaign, Shai-Hulud, spreads through npm and PyPI, compromising major tech firms including OpenAI and Microsoft.
-
techGitHub Confirms Theft of 3,800 Internal Repos via Malicious VS Code Extension
A GitHub employee installed a poisoned VS Code extension, leading to the exfiltration of roughly 3,800 internal code repositories by hacker group TeamPCP.
-
techGitHub Probes Data Breach After Employee Device Hijacked via Malicious VS Code Extension
GitHub investigates unauthorized access to internal repositories after an employee device was compromised. Hacker group TeamPCP claims to have stolen 4,000 private repos.
-
techSoftware Supply Chains: The New Cyber Battleground for Enterprises
Recent AI-driven supply chain attacks, like TeamPCP, expose critical risks. Expert analysis on defending enterprise software infrastructure.