Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.
| 1 Apr 2026 | |
| Written by Gabi Gerber | |
| Attacks & Threats |
| Security Operation Center, Hacking Topics |
TeamPCP is weaponizing the fruits of its extensive supply chain attacks, using stolen credentials to access cloud and software-as-a-service (SaaS) environments.
The threat group this month compromised several open source software projects, starting with Trivy, an Aqua Security-maintained security scanner, and KICS, a Checkmarx-developed tool for static code analysis. More recently, TeamPCP actors hit LiteLLM, an open source Python library, and the PyPi package of Telnyx, which developers use for voice AI agents. More here
Object First's Cusimano on Why Backup Storage Is Now a Prime Ransomware Target More...
The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials. More...
Object First's Cusimano on Why Backup Storage Is Now a Prime Ransomware Target More...
RSAC 2026 CONFERENCE — San Francisco — When people talk about transparency in cybersecurity, they are usually referring … More...
Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizati… More...
