The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave
Source: Wiz
Published:
<p>The ongoing software supply chain campaign targeting the open source ecosystem reemerged on May 19th, affecting NPM packages, GitHub Actions, and a VSCode extension. The distributed malware was designed to harvest credentials, exfiltrate sensitive data, and establish persistent access on infected