TeamPCP infostealer in compromised Trivy Docker Hub images
Malware Activity
Summary
Hide ▲
Show ▼
TeamPCP infostealer was found in additional compromised Trivy Docker images, extending the malware distribution path through Docker Hub. The newly identified tags 0.69.5 and 0.69.6 surfaced on March 22 without matching GitHub releases. The expansion matters because the compromised images could spread credential-stealing malware into developer environments and CI/CD pipelines.
Related Happenings
Mini Shai-Hulud supply-chain campaign targeting npm and PyPI
Campaign
H score45
First: 12.05.2026 17:45
Last: 12.05.2026 17:45
Sources 1
About this happening:
The **Mini Shai-Hulud** **supply-chain campaign** linked to **TeamPCP** expanded into downstream victim reporting, including **Grafana Labs**. Grafana said its **GitHub environmen...
Mini Shai-Hulud supply-chain campaign targeting npm and PyPI
CampaignAbout this happening: The **Mini Shai-Hulud** **supply-chain campaign** linked to **TeamPCP** expanded into downstream victim reporting, including **Grafana Labs**. Grafana said its **GitHub environmen...
Latest development: 21.05.2026 11:00
Grafana Labs said its GitHub environment was accessed and its codebase downloaded, with additional internal operational information taken from GitHub repositories, after compromise linked to the Mini Shai-Hulud campaign and TanStack npm packages. Grafana said it first spotted malicious activity on May 11, discovered the unauthorized download on May 17, and after contact from the ransom gang rotated automation tokens, enabled enhanced monitoring, audited commits since the May 11 incident, and hardened its GitHub security posture, while saying there is no indication customer production systems or operations were compromised.
TanStack hit by network compromise
Incident
H score29
First: 12.05.2026 17:45
Last: 12.05.2026 17:45
Sources 1
About this happening:
**TanStack** was hit by a **package compromise** on **May 11, 2026**, when attackers published **84 malicious versions** across **42 @tanstack/* packages** and abused the release...
TanStack hit by network compromise
IncidentAbout this happening: **TanStack** was hit by a **package compromise** on **May 11, 2026**, when attackers published **84 malicious versions** across **42 @tanstack/* packages** and abused the release...
Latest development: 21.05.2026 11:00
On May 17, 2026, Grafana Labs said an unauthorized attacker had downloaded its codebase after accessing the firm's GitHub environment, and the company later said additional internal operational information and business contact names and email addresses were taken from its GitHub repositories; Grafana Labs said there was no indication that customer production systems or the Grafana Cloud platform were compromised.
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
Campaign
H score56
First: 12.05.2026 14:29
Last: 12.05.2026 14:29
Sources 1
About this happening:
The **Shai-Hulud** **supply-chain campaign** now includes a fresh **PyPI** wave that compromised **19 packages** across **37 malicious releases**, with popular bioinformatics tool...
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
CampaignAbout this happening: The **Shai-Hulud** **supply-chain campaign** now includes a fresh **PyPI** wave that compromised **19 packages** across **37 malicious releases**, with popular bioinformatics tool...
Mini Shai-Hulud npm supply-chain malware wave
Malware Activity
H score68
First: 12.05.2026 14:07
Last: 12.05.2026 14:07
Sources 1
About this happening:
The **Mini Shai-Hulud** npm **malware activity** now includes the **Miasma** variant affecting **Microsoft GitHub repositories** in a self-replicating **supply-chain campaign**. O...
Mini Shai-Hulud npm supply-chain malware wave
Malware ActivityAbout this happening: The **Mini Shai-Hulud** npm **malware activity** now includes the **Miasma** variant affecting **Microsoft GitHub repositories** in a self-replicating **supply-chain campaign**. O...
Latest development: 09.06.2026 18:42
On June 5, Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub after concerns about potential malicious content tied to the Miasma/Shai-Hulud supply-chain campaign. The action disrupted continuous integration pipelines and broke workflows that depended on Azure/functions-action, while Microsoft said it temporarily removed some repositories during its investigation.
PCPJack TeamPCP-targeting cloud credential theft campaign
Campaign
H score37
First: 08.05.2026 12:00
Last: 08.05.2026 12:00
Sources 1
About this happening:
A new **PCPJack** campaign is targeting **TeamPCP victims** by **worming across exposed cloud infrastructure**, creating a fresh risk of credential theft and unauthorized reuse of...
PCPJack TeamPCP-targeting cloud credential theft campaign
CampaignAbout this happening: A new **PCPJack** campaign is targeting **TeamPCP victims** by **worming across exposed cloud infrastructure**, creating a fresh risk of credential theft and unauthorized reuse of...
Timeline
-
23.03.2026 17:05 1 articles · 3mo ago
Trivy 0.69.4 compromise injects credential-stealing malware
Exploitation ObservedThreat actors compromised Aqua Security's Trivy vulnerability scanner version 0.69.4 and injected credential-stealing malware into official releases and GitHub Actions, creating the initial supply-chain foothold affecting developer tooling.
Show sources
- Trivy Supply Chain Attack Expands With New Compromised Docker Images — www.infosecurity-magazine.com — 23.03.2026 17:05
-
23.03.2026 17:05 1 articles · 3mo ago
Compromised Trivy Docker Hub tags 0.69.5 and 0.69.6 are uploaded
Campaign Scope UpdateNew Docker Hub image tags 0.69.5 and 0.69.6 were uploaded without corresponding GitHub releases and were later identified as compromised, extending the malicious distribution path into developer environments and CI/CD pipelines.
Show sources
- Trivy Supply Chain Attack Expands With New Compromised Docker Images — www.infosecurity-magazine.com — 23.03.2026 17:05
-
23.03.2026 17:05 2 articles · 3mo ago
Aqua Security and Socket report TeamPCP indicators and repository tampering
Technical Analysis UpdateAqua Security's March 23 update and Socket's analysis tied the compromised Trivy images to TeamPCP infostealer indicators, described unauthorized changes and repository tampering, and reported brief exposure of an internal GitHub organization linked to Aqua Security with dozens of repositories renamed and made public.
Show sources
- Trivy Supply Chain Attack Expands With New Compromised Docker Images — www.infosecurity-magazine.com — 23.03.2026 17:05
- Trivy Supply Chain Attack Expands With New Compromised Docker Images — www.infosecurity-magazine.com — 23.03.2026 17:05