TeamPCP
Also known as: TeamPCP, Mini Shai-Hulud operator, Shai-Hulud framework author, UNC6780 (candidate), Mini Shai-Hulud operators, PCPcat, DeadCatx3, xploitrsturtle2, Shai-Hulud operators (variant), Mini Shai-Hulud v3 operators, Mini Shai-Hulud, PCP Team
Tracked threats
- durabletask PyPI Supply Chain Compromise (v1.4.1–1.4.3) — Microsoft-Published Azure Durable Functions SDK Trojanized w/ Cross-Cloud Credential Stealer + Linux Disk Wiper (TeamPCP / Mini Shai-Hulud) — CRITICAL
- Nx Console VS Code Extension Backdoored (v18.95.0) — TeamPCP Mini Shai-Hulud Pivot from TanStack npm Worm to GitHub Internal Repository Breach (CVE-2026-48027) — CRITICAL
- GitHub Internal Breach — TeamPCP Exfiltrates 3,800+ Repos via Poisoned VS Code Extension Tied to Mini Shai-Hulud Worm — CRITICAL
- TeamPCP @antv Supply Chain Wave — Mini Shai-Hulud Multi-Ecosystem npm/GitHub Actions/VSCode Compromise — CRITICAL
- Backdoored Cemu v2.6 GitHub Release — TeamPCP Supply Chain Campaign Extends to Cemu Nintendo Wii U Emulator (cemu-project/Cemu) — HIGH
- Mini Shai-Hulud v3 — TanStack/UiPath/Mistral AI npm & PyPI Supply Chain Compromise (TeamPCP) — CRITICAL
- Checkmarx Jenkins AST Plugin Supply Chain Compromise — TeamPCP Backdoored Plugin on Jenkins Marketplace — HIGH
- Mini Shai-Hulud Resurfaces — intercom-client@7.0.4 npm Worm Harvesting GitHub & Cloud Credentials (TeamPCP) — CRITICAL
- SAP CAP & Cloud MTA npm Packages Compromised — Mini Shai-Hulud (TeamPCP) Bun-Based Credential Stealer — CRITICAL
- Bitwarden CLI Hijacked in npm Supply Chain Attack Linked to TeamPCP & Checkmarx Breach — CRITICAL
- Bitwarden CLI 2026.4.0 (@bitwarden/cli) Compromised via Abused GitHub Action in Ongoing Checkmarx Supply Chain Campaign — CRITICAL
- Telnyx Python SDK PyPI Compromise — TeamPCP CanisterWorm Supply Chain Attack (telnyx 4.87.1/4.87.2) — CRITICAL
- TeamPCP LiteLLM Supply Chain Attack — Trojaned PyPI Packages (v1.82.7/1.82.8) with Multi-Stage C2 Payload — CRITICAL
- TeamPCP Cascading Supply Chain Campaign: Telnyx PyPI Compromise with WAV Steganography — CRITICAL
- TeamPCP Supply Chain Attack via Backdoored Telnyx PyPI Package with Steganographic WAV Payloads — CRITICAL
- LiteLLM Supply Chain Compromise — TeamPCP Multi-Ecosystem Campaign via Trojanized PyPI Packages — CRITICAL
- TeamPCP Supply Chain Attack on LiteLLM — Trojanized PyPI Packages with .pth Persistence and Multi-Stage Credential Stealer — CRITICAL
- Trivy Supply Chain Compromise — TeamPCP Credential-Stealing Malware Injected into CI/CD Pipelines (CVE-2026-33634) — CRITICAL
- TeamPCP Supply Chain Campaign: LiteLLM PyPI Compromise, CanisterWorm npm Propagation, and Multi-Ecosystem Attack (CVE-2026-33634) — CRITICAL
- Checkmarx KICS GitHub Action Supply Chain Compromise by TeamPCP (kics-github-action Tag Hijacking) — CRITICAL
- Trivy Supply Chain Attack — Credential Theft Infostealer via Malicious GitHub Actions Tags (GHSA-69fq-xp46-6x23) — CRITICAL
- Trivy Ecosystem Supply Chain Compromise — Infostealer via Hijacked GitHub Actions and Container Images (CWE-506) — CRITICAL
- Trivy Supply Chain Compromise by TeamPCP — Credential-Stealing Malware in v0.69.4, trivy-action, and setup-trivy GitHub Actions — CRITICAL
Full actor intelligence — infrastructure, IOCs, detection coverage and operator fingerprints — is available via the Threadlinqs MCP server (Purple tier).