The TeamPCP hacking group has expanded its open source software campaign from the Trivy supply chain attack to NPM, Docker Hub, VS Code, and PyPI, and likely partnered with the Lapsus$ gang for monetization purposes. The attack on Aqua Security’s widely used Trivy vulnerability scanner started with the compromise of an access token in late February. Because the maintainers did not rotate all crede...
This campaign highlights the need for increased vigilance and security measures within OSS communities. The partnership between TeamPCP and Lapsus$ is a worrying development as it represents a dangerous convergence of supply chain attackers and high-profile extortion groups, posing a significant threat to the modern cloud-native and AI ecosystems. It also raises questions about the motivations behind these attacks and their potential long-term consequences for affected organizations and individu...