TeamPCP Supply Chain Campaign is a threat campaign tracked across 4 threat clusters and 4 intelligence report mentions on ThreatCluster. First observed March 25, 2026; most recent activity May 14, 2026.
On March 24, 2026, two malicious versions of the LiteLLM Python package (1.82.7 and 1.82.8) were published on PyPI, containing credential-stealing malware. The attack, attributed to the TeamPCP threat group, exploited…
AI recruiting startup Mercor confirmed it was impacted by a supply chain attack linked to the LiteLLM project, which has affected thousands of organizations. The breach was attributed to the hacking group TeamPCP, with…
TeamPCP, a financially motivated threat actor, has been conducting a campaign targeting software supply chains from March 19 to April 24, 2026. The group exploited trusted CI/CD and release workflows to steal sensitive…
Databricks is investigating a potential security compromise linked to the TeamPCP supply chain attack. This incident follows a notification from International Cyber Digest, which indicated that Databricks was alerted…