‼️ S&P Global, responsible for the S&P 500, was compromised by TeamPCP during recent supply chain attacks (Trivy / LiteLLM).
We’ve known spglobal[.]com was on their list for some time now and didn’t get any reply from their press contact.
We’ve known spglobal[.]com was on their list for some time now and didn’t get any reply from their press contact.
😱9🤣2❤1
🚨‼️ BREAKING: Databricks allegedly compromised in a TeamPCP supply chain attack.
Databricks is the leading cloud-based data analytics platform: used by organizations worldwide to manage massive datasets.
We notified them last week. They scaled up to investigate. We haven't heard back since.
Databricks is the leading cloud-based data analytics platform: used by organizations worldwide to manage massive datasets.
We notified them last week. They scaled up to investigate. We haven't heard back since.
❤7
🚨‼️ UPDATE: Here is a selection of companies compromised in the recent TeamPCP supply chain attacks.
This is just a fraction, the full list likely runs into the thousands. 👀
MTN: mtn[.]com
Gravatar: gravatar[.]com
Zoopla: zoopla[.]co[.]uk
Ansys: ansys[.]com
Ansys GitHub: github[.]com/ansys
ACUITY: acuity[.]com
StarTech: startech[.]com
Lightning: lightning[.]ai
Grid: grid[.]ai
Proton: proton[.]ai
Finkargo: finkargo[.]com
Hillspire: hillspire[.]com
Agronod: agronod[.]com
Spaceship: spaceship[.]com[.]ai
Hicap: hicap[.]ai
Pytorchbearer: github[.]com/pytorchbearer
KCI AI Team: github[.]com/kci-ai-team
This is just a fraction, the full list likely runs into the thousands. 👀
MTN: mtn[.]com
Gravatar: gravatar[.]com
Zoopla: zoopla[.]co[.]uk
Ansys: ansys[.]com
Ansys GitHub: github[.]com/ansys
ACUITY: acuity[.]com
StarTech: startech[.]com
Lightning: lightning[.]ai
Grid: grid[.]ai
Proton: proton[.]ai
Finkargo: finkargo[.]com
Hillspire: hillspire[.]com
Agronod: agronod[.]com
Spaceship: spaceship[.]com[.]ai
Hicap: hicap[.]ai
Pytorchbearer: github[.]com/pytorchbearer
KCI AI Team: github[.]com/kci-ai-team
🤯11🔥2👍1💩1
The threat actors who are part of TeamPCP are going crazy.
TeamPCP is imploding. Nearly every member has been kicked from the group and their operations are severely disrupted. 👀
They're having some rodent infestation problem. I wonder how, I wonder why...
Yesterday you told me 'bout the blue blue sky
And all that I can see is just a yellow lemon tree🍋
https://www.youtube.com/watch?v=wCQfkEkePx8
TeamPCP is imploding. Nearly every member has been kicked from the group and their operations are severely disrupted. 👀
They're having some rodent infestation problem. I wonder how, I wonder why...
Yesterday you told me 'bout the blue blue sky
And all that I can see is just a yellow lemon tree
https://www.youtube.com/watch?v=wCQfkEkePx8
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
🥴12😁2❤1🤣1
Media is too big
VIEW IN TELEGRAM
❗️ A scammer was caught using an AI face mask to hide his true identity.
He works for a fake company called "Global Metrix", which offers recovery services for stolen crypto.
He works for a fake company called "Global Metrix", which offers recovery services for stolen crypto.
🤣18❤1😁1😭1
Me meeting up with my insiders for status updates on recent supply chain attacks.
🤣8😁7❤4🔥1
🚨‼️ MAJOR SUPPLY CHAIN ATTACK: npm package axios is compromised after the maintainer's npm account was hijacked.
Malicious versions contain a Remote Access Trojan. axios has 100M+ weekly downloads — it's in practically everything.
If you have installed [email protected] or [email protected], assume compromise.
Axios' lead maintainer jasonsaayman's npm account was compromised — email was swapped to an anonymous Proton Mail address.
Both malicious versions were pushed manually via npm CLI, bypassing GitHub Actions OIDC entirely, without commits.
🔴 Stepsecurity report: https://stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan
🔴 Socket report:
https://socket.dev/blog/axios-npm-package-compromised
Malicious versions contain a Remote Access Trojan. axios has 100M+ weekly downloads — it's in practically everything.
If you have installed [email protected] or [email protected], assume compromise.
Axios' lead maintainer jasonsaayman's npm account was compromised — email was swapped to an anonymous Proton Mail address.
Both malicious versions were pushed manually via npm CLI, bypassing GitHub Actions OIDC entirely, without commits.
🔴 Stepsecurity report: https://stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan
🔴 Socket report:
https://socket.dev/blog/axios-npm-package-compromised
❤8🥴2
🚨‼️ BREAKING: Claude Code's source code has been leaked via a map file exposed in Anthropic's npm registry.
The leaked code appears to reveal new and previously undisclosed features.
Source code backups:
1)
https://github.com/chatgptprojects/claude-code
2)
https://pub-aea8527898604c1bbb12468b1581d95e.r2.dev/src.zip
The leaked code appears to reveal new and previously undisclosed features.
Source code backups:
1)
https://github.com/chatgptprojects/claude-code
2)
https://pub-aea8527898604c1bbb12468b1581d95e.r2.dev/src.zip
👏11😱6❤5😁3
Please open Telegram to view this post
VIEW IN TELEGRAM
🤣5😁1