365/69 Monday, July 6, 2026

The U.S. Federal Bureau of Investigation (FBI) issued a FLASH alert on July 2, 2026, warning about a cybercriminal group known as TeamPCP, which has been conducting Software Supply Chain attacks targeting popular developer tools and security tools to steal victims’ credentials. The group embeds malicious code into legitimate software packages and distributes modified versions through common software distribution channels. As a result, organizations’ CI/CD systems may automatically pull and use malicious packages, leading to the installation of credential-stealing malware and backdoors without users noticing any obvious abnormal activity.
The FBI stated that TeamPCP has been linked to several Supply Chain attacks, including attacks on PyPI and npm packages, as well as the “Mini Shai-Hulud” campaign. Confirmed modified tools include Trivy, a container vulnerability scanner; KICS, an Infrastructure-as-Code analysis tool; LiteLLM, a library used to connect and route requests to AI model APIs; and the Telnyx Python SDK. These tools are commonly used in software development, cloud environments, and enterprise security scanning processes, meaning a single compromise can affect many organizations. The group has also used malware such as CanisterWorm, SANDCLOCK, Mini Shai-Hulud, and Miasma to steal cloud access tokens, SSH keys, Kubernetes secrets, API keys, environment variables, and cryptocurrency wallet data.
The FBI warned that credentials and data stolen from this campaign should be treated as a long-term risk, as they may be reused in future attacks by TeamPCP or related threat groups. One observed technique involves taking over npm package maintainer accounts through expired or abandoned account recovery email domains, allowing attackers to reset passwords and publish malicious package versions. The FBI recommends that organizations configure GitHub Actions workflows to reference verified commit SHAs instead of version tags that are not tied to specific commits. Organizations should also rotate all potentially exposed CI/CD secrets, publishing tokens, and cloud credentials; enforce least-privilege access; enable phishing-resistant MFA for accounts with code or package publishing privileges; review npm maintainer accounts that use old or expired recovery email addresses; monitor for abnormal behavior on CI/CD runners; and report incidents to relevant authorities if signs of compromise are found.
