TeamPCP cloud-native exploitation campaign
Campaign
Summary
TeamPCP is a cloud-native supply-chain campaign that abuses exposed Docker APIs, Kubernetes clusters, Ray dashboards, Redis servers, and React2Shell (CVE-2025-55182) to seed malicious infrastructure for follow-on abuse. The latest reporting adds a compromised PyPI package, LiteLLM: versions 1.82.7 and 1.82.8 carried credential-stealing malware that ran on import or whenever a Python process started, then stole secrets, spread across Kubernetes environments, and installed persistent backdoors. The broader campaign also includes malicious Trivy Docker Hub images and the March 22, 2026 defacement of 44 Aqua Security repositories in the aquasec-com GitHub organization.
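The exposed Docker API is the first initial-access vector listed above, so the check a defender wants is whether a host's dockerd listens on TCP without mutual TLS. The audit below is an added example for this page, not code from any of the cited reports: it reads the two places dockerd takes its listeners from (the `hosts` key in `/etc/docker/daemon.json` and `-H`/`--host` flags on the systemd `ExecStart` line) and grades each TCP endpoint. The weak and hardened configurations are constructed samples; the weak one is the shape of daemon the campaign scans for.

```python
"""Audit a Docker daemon's listener configuration for an exposed API.

Added example for this page; it is not code from the reports cited here.
It parses the two places dockerd takes its listeners from, the "hosts" key
in /etc/docker/daemon.json and -H/--host flags on the dockerd command line,
and reports how each TCP endpoint is protected. The sample configurations
are constructed for illustration.
"""
import json
import shlex
from dataclasses import dataclass
from urllib.parse import urlsplit

SEVERITY_RANK = {"OK": 0, "LOW": 1, "HIGH": 2, "CRITICAL": 3}
LOOPBACK = {"127.0.0.1", "localhost", "::1"}


@dataclass(frozen=True)
class Finding:
    severity: str
    endpoint: str
    message: str


# Constructed samples: the weak setting the campaign abuses, and a hardened one.
WEAK_DAEMON_JSON = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
})
HARDENED_DAEMON_JSON = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
    "tlsverify": True,
    "tlscacert": "/etc/docker/ca.pem",
    "tlscert": "/etc/docker/server-cert.pem",
    "tlskey": "/etc/docker/server-key.pem",
})
WEAK_EXEC_START = ("/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375 "
                   "--containerd=/run/containerd/containerd.sock")


def hosts_from_daemon_json(text: str) -> tuple[list[str], dict]:
    """Return the listener list and the parsed config (empty if there is no file)."""
    cfg = json.loads(text) if text.strip() else {}
    hosts = cfg.get("hosts", [])
    return ([hosts] if isinstance(hosts, str) else list(hosts)), cfg


def hosts_from_exec_start(exec_start: str) -> list[str]:
    """Extract -H/--host values ('-H x' and '-H=x' forms) from an ExecStart line."""
    argv = shlex.split(exec_start)
    hosts = []
    for i, arg in enumerate(argv):
        if arg in ("-H", "--host") and i + 1 < len(argv):
            hosts.append(argv[i + 1])
        elif arg.startswith(("-H=", "--host=")):
            hosts.append(arg.split("=", 1)[1])
    return hosts


def audit_docker_daemon(daemon_json: str = "", exec_start: str = "") -> list[Finding]:
    file_hosts, cfg = hosts_from_daemon_json(daemon_json)
    flag_hosts = hosts_from_exec_start(exec_start)
    argv = shlex.split(exec_start)
    # --tls enables a server certificate; --tlsverify additionally requires a
    # client certificate signed by the configured CA (mutual TLS).
    tlsverify = bool(cfg.get("tlsverify")) or "--tlsverify" in argv or "--tlsverify=true" in argv
    tls = tlsverify or bool(cfg.get("tls")) or "--tls" in argv or "--tls=true" in argv

    findings = []
    if file_hosts and flag_hosts:
        findings.append(Finding("LOW", "config",
            "hosts is set in both daemon.json and the dockerd command line; dockerd "
            "refuses to start when a directive appears in both, so one source is not live"))
    for h in file_hosts + flag_hosts:
        if not h.startswith("tcp://"):
            continue  # unix:// and fd:// sockets are reachable only via the local filesystem
        host = urlsplit(h).hostname  # None for tcp://:2375, "0.0.0.0" for tcp://0.0.0.0:2375
        local_only = host in LOOPBACK or (host or "").startswith("127.")
        if not tls:
            if local_only:
                findings.append(Finding("LOW", h, "plaintext API on loopback: only local "
                    "processes can reach it, but anything that does controls the host"))
            else:
                findings.append(Finding("CRITICAL", h, "unauthenticated API reachable from the "
                    "network: any caller can start a privileged container with the host filesystem mounted"))
        elif not tlsverify:
            findings.append(Finding("HIGH", h, "TLS without client certificate verification: "
                "traffic is encrypted but callers are not authenticated"))
        else:
            findings.append(Finding("OK", h, "mutual TLS; still restrict reachability with a firewall"))
    return findings


def worst_severity(findings: list[Finding]) -> str:
    return max((f.severity for f in findings), key=SEVERITY_RANK.__getitem__, default="OK")


if __name__ == "__main__":
    for label, args in (("weak daemon.json", (WEAK_DAEMON_JSON, "")),
                        ("hardened daemon.json", (HARDENED_DAEMON_JSON, "")),
                        ("weak ExecStart", ("", WEAK_EXEC_START))):
        result = audit_docker_daemon(*args)
        print(f"{label}: {worst_severity(result)}")
        for f in result:
            print(f"  [{f.severity}] {f.endpoint}: {f.message}")
```

Run it against the real `/etc/docker/daemon.json` and the `ExecStart=` line from `systemctl cat docker` on each host. Anything graded CRITICAL is exactly what the worm described on this page looks for; the fix is either to drop the TCP listener entirely or to move it to 2376 with `tlsverify` and a CA you control, and to firewall the port regardless.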
Related Happenings
Shai-Hulud worm clone activity on NPM
Malware Activity
First: 18.05.2026 12:45
Last: 18.05.2026 12:45
Sources 1
About this happening:
The **Shai-Hulud** malware activity has continued to evolve across the **npm supply chain** and related developer ecosystems. It first infected **npm packages** in **September 202...
Node-ipc malicious versions with stealer/backdoor payload
Malware Activity
First: 14.05.2026 20:22
Last: 14.05.2026 20:22
Sources 1
About this happening:
Three **node-ipc** releases now carry an **obfuscated stealer/backdoor** that can harvest **developer and cloud secrets** from any system that loads the package. The malicious cod...
Mini Shai-Hulud supply-chain campaign targeting npm and PyPI
Campaign
First: 12.05.2026 17:45
Last: 12.05.2026 17:45
Sources 1
About this happening:
The **Mini Shai-Hulud** **supply-chain campaign** linked to **TeamPCP** expanded into downstream victim reporting, including **Grafana Labs**. Grafana said its **GitHub environmen...
Latest development: 21.05.2026 11:00
Grafana Labs said its GitHub environment was accessed and its codebase downloaded, with additional internal operational information taken from GitHub repositories, after compromise linked to the Mini Shai-Hulud campaign and TanStack npm packages. Grafana said it first spotted malicious activity on May 11, discovered the unauthorized download on May 17, and after contact from the ransom gang rotated automation tokens, enabled enhanced monitoring, audited commits since the May 11 incident, and hardened its GitHub security posture, while saying there is no indication customer production systems or operations were compromised.
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
Campaign
First: 12.05.2026 14:29
Last: 12.05.2026 14:29
Sources 1
About this happening:
The **Shai-Hulud** **supply-chain campaign** remains active across **npm**, **PyPI**, and **Composer**, with the latest reporting tying **TeamPCP** to both a claimed **GitHub inte...
TeamPCP Mini Shai-Hulud npm supply-chain campaign
Campaign
First: 12.05.2026 14:07
Last: 12.05.2026 14:07
Sources 1
About this happening:
The **TeamPCP**-linked **Mini Shai-Hulud** campaign is a **malicious npm supply-chain operation** that steals developer credentials and abuses trusted publishing paths to spread t...
Timeline
23.03.2026 10:31 2 articles · 2mo ago
TeamPCP malicious Trivy Docker Hub images and Aqua Security repo defacement
Campaign Scope Update: Researchers uncovered malicious Trivy Docker Hub image tags 0.69.4, 0.69.5, and 0.69.6 tied to TeamPCP; 0.69.5 and 0.69.6 were pushed on March 22 without corresponding GitHub releases or tags. The same reporting says TeamPCP used a compromised service account token to deface all 44 internal repositories in Aqua Security's aquasec-com GitHub organization by renaming them with the tpcp-docs- prefix and exposing them publicly.
Sources:
- Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper — thehackernews.com — 23.03.2026 10:31
- TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise — www.infosecurity-magazine.com — 25.03.2026 14:00
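The detail that 0.69.5 and 0.69.6 appeared on Docker Hub with no matching GitHub release is itself a detection: a published image version that the project never released is a signal worth alerting on. The script below is an added example for this page, not code from Trivy, Aqua Security, or the cited reporting. It reconciles a registry tag list with a releases list and also verifies a digest-pinned image reference; the two JSON documents are constructed to follow the shape of the public Docker Hub tag endpoint (`results` with `name`, `digest`, `last_updated`) and the GitHub releases endpoint (`tag_name`), with the tag names taken from the entry above and every digest and timestamp invented.

```python
"""Cross-check a registry's image tags against the project's GitHub releases.

Added example for this page; not code from Trivy, Aqua Security, or the cited
reporting. The two JSON documents are constructed to follow the shape of the
public Docker Hub tag list ("results" with "name", "digest", "last_updated")
and the GitHub releases API ("tag_name"); the tag names mirror the entry
above, while every digest and timestamp is made up.
"""
import json
import re

VERSION_TAG = re.compile(r"^v?\d+\.\d+\.\d+$")  # x.y.z with an optional leading v

DIGEST_0694 = "sha256:" + "22" * 32  # constructed, not the real image digest
DIGEST_0695 = "sha256:" + "33" * 32  # constructed

HUB_TAGS_JSON = json.dumps({"results": [
    {"name": "latest", "digest": "sha256:" + "aa" * 32, "last_updated": "2026-03-22T09:00:00Z"},
    {"name": "0.69",   "digest": "sha256:" + "aa" * 32, "last_updated": "2026-03-22T09:00:00Z"},
    {"name": "0.69.3", "digest": "sha256:" + "11" * 32, "last_updated": "2026-03-10T12:00:00Z"},
    {"name": "0.69.4", "digest": DIGEST_0694,           "last_updated": "2026-03-18T12:00:00Z"},
    {"name": "0.69.5", "digest": DIGEST_0695,           "last_updated": "2026-03-22T09:00:00Z"},
    {"name": "0.69.6", "digest": "sha256:" + "44" * 32, "last_updated": "2026-03-22T09:30:00Z"},
]})
GITHUB_RELEASES_JSON = json.dumps([
    {"tag_name": "v0.69.3", "published_at": "2026-03-10T11:00:00Z"},
    {"tag_name": "v0.69.4", "published_at": "2026-03-18T11:00:00Z"},
])


def normalize(tag: str) -> str:
    """Strip the leading 'v' so 'v0.69.4' and '0.69.4' compare equal."""
    return tag[1:] if tag.startswith("v") else tag


def parse_hub_tags(text: str) -> dict[str, dict]:
    return {t["name"]: t for t in json.loads(text)["results"]}


def parse_release_tags(text: str) -> set[str]:
    return {normalize(r["tag_name"]) for r in json.loads(text)}


def unreleased_tags(hub_json: str, releases_json: str) -> dict[str, list[str]]:
    """Version-shaped tags with no GitHub release; rolling tags are reported separately."""
    hub = parse_hub_tags(hub_json)
    released = parse_release_tags(releases_json)
    result: dict[str, list[str]] = {"unreleased": [], "rolling": []}
    for name in sorted(hub):
        if not VERSION_TAG.match(name):
            result["rolling"].append(name)  # latest, 0.69, ... are expected to move
        elif normalize(name) not in released:
            result["unreleased"].append(name)
    return result


def verify_pinned_digest(pinned_ref: str, hub_json: str) -> bool:
    """True only if the reference carries a digest and it matches what the tag points to now.

    Tags are mutable, digests are not: a re-pushed tag changes the digest, and a
    reference without a digest is treated as unverified rather than trusted.
    """
    if "@" not in pinned_ref:
        return False
    ref, digest = pinned_ref.split("@", 1)
    last = ref.rsplit("/", 1)[-1]  # drop registry host and namespace
    tag = last.split(":", 1)[1] if ":" in last else "latest"
    current = parse_hub_tags(hub_json).get(tag)
    return current is not None and current["digest"] == digest


if __name__ == "__main__":
    print(unreleased_tags(HUB_TAGS_JSON, GITHUB_RELEASES_JSON))
    print(verify_pinned_digest(f"aquasec/trivy:0.69.4@{DIGEST_0694}", HUB_TAGS_JSON))
```

On the constructed data the reconciliation flags 0.69.5 and 0.69.6, the two tags the reporting says had no release, but a malicious tag that reuses a legitimately released version number, as reported for 0.69.4, passes it. That is why the second function exists: pin images by digest in CI and deployment manifests, and treat a changed digest behind an existing version tag as an incident, not a refresh.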
09.02.2026 10:37 1 articles · 3mo ago
TeamPCP worm-driven cloud-native exploitation
Exploitation Observed: Around December 25, 2025, TeamPCP used a worm-driven campaign against cloud-native environments, abusing exposed Docker APIs, Kubernetes clusters, Ray dashboards, Redis servers, and React2Shell (CVE-2025-55182) to seed malicious infrastructure for follow-on exploitation, including scanning, proxying, persistence, data theft, extortion, and cryptocurrency mining.
Sources:
- TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure — thehackernews.com — 09.02.2026 10:37
09.02.2026 10:37 2 articles · 3mo ago
TeamPCP campaign analysis and attribution
Technical Analysis Update: On February 9, 2026, researchers attributed the cloud-native cybercrime platform to TeamPCP (aka DeadCatx3, PCPcat, PersyPCP, and ShellForce) and described tooling that leveraged misconfigured Docker APIs, Kubernetes APIs, Ray dashboards, Redis servers, and vulnerable React/Next.js applications to automate exploitation, tunneling, C2 relays, credential harvesting, and malicious container deployment across AWS and Microsoft Azure environments.
Sources:
- TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure — thehackernews.com — 09.02.2026 10:37
- TeamPCP Turns Cloud Infrastructure into Crime Bots — www.darkreading.com — 09.02.2026 23:14