Six Accounts, One Actor: Inside the prt-scan Supply Chain Campaign
After hackerbot-claw, another AI-powered campaign exploiting pull_request_target confirms the threat is here to stay. We trace the attacker back to three weeks before anyone noticed.
Benjamin Read
Benjamin Read Mensajes
Axios NPM Distribution Compromised in Supply Chain Attack
A compromised axios maintainer account led to malicious npm releases that propagated across environments. Learn how to assess impact, detect compromise, and secure your development workflows.
Three’s a Crowd: TeamPCP trojanizes LiteLLM in Continuation of Campaign
LiteLLM is the latest victim of TeamPCP’s open-source attack spree. Malicious versions 1.82.7 and 1.82.8 abuse Python’s .pth mechanism for stealthy persistence. The malware exfiltrates cloud credentials, CI/CD secrets, and keys to attacker-controlled domains.
KICS GitHub Action Compromised: TeamPCP Strikes Again in Supply Chain Attack
Checkmarx KICS scanner is the latest victim of a credential-stealing supply chain attack by TeamPCP. Between 12:58–16:50 UTC on March 23, 35 tags were hijacked. Learn how to audit your workflows, identify malicious activity, and secure your GitHub Actions.
React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182
We break down the exploit mechanics and detail active in-the-wild attacks observed by our team, from credential harvesting to sophisticated cloud backdoors.