TeamPCP
Cybersecurity & Risk
Mini Shai-Hulud: 630 Poisoned npm Packages in 20 Minutes — The Defense Checklist
⚡ Key Takeaways The Mini Shai-Hulud campaign deployed over 630 malicious npm package versions across 317 packages in approximately 20...
Cybersecurity & Risk
GitHub Breach via Poisoned VS Code Extension: Developer Supply Chain Security Lessons
⚡ Key Takeaways In May 2026, hacking group TeamPCP compromised a GitHub employee’s device through a poisoned VS Code extension,...
Cybersecurity & Risk
Mini Shai-Hulud: How 20 Minutes Poisoned 317 npm Packages and What It Means for Open-Source Trust
⚡ Key Takeaways On May 11, 2026, TeamPCP’s mini-Shai-Hulud campaign compromised 317 npm packages in 26 minutes by exploiting a...
Cybersecurity & Risk
TeamPCP’s 317-Package Attack: How Open-Source Supply Chains Break in 20 Minutes
⚡ Key Takeaways In May 2026, threat group TeamPCP released 630+ malicious versions across 317 npm packages in 20 minutes...
Cybersecurity & Risk
Supply Chain Breached: Grafana Hack and VS Code Malware Target Developers in 2026
⚡ Key Takeaways On May 18, 2026, the Nx Console VS Code extension (2.2 million installs) was compromised with a...
Cybersecurity & Risk
AI Tools as Attack Vectors: Supply Chain Threats Targeting Enterprise Dev in 2026
⚡ Key Takeaways TeamPCP compromised 4 official SAP npm packages on April 29, 2026 — 570,000 weekly downloads affected, 1,100+...
