Telnyx is a organization tracked across 11 threat clusters and 19 intelligence report mentions on ThreatCluster. First observed March 27, 2026; most recent activity July 8, 2026.
On March 24, 2026, two malicious versions of the LiteLLM Python package (1.82.7 and 1.82.8) were published on PyPI, containing credential-stealing malware. The attack, attributed to the TeamPCP threat group, exploited…
AI recruiting startup Mercor confirmed it was impacted by a supply chain attack linked to the LiteLLM project, which has affected thousands of organizations. The breach was attributed to the hacking group TeamPCP, with…
Checkmarx, a software security firm, is investigating a significant data leak after its GitHub repository was compromised in a supply-chain attack on March 23, 2026. The attack, attributed to the TeamPCP cybercrime…
A new supply chain attack, dubbed 'Mini Shai-Hulud', has compromised multiple npm packages related to SAP's Cloud Application Programming Model (CAP). This attack involves injecting malicious preinstall scripts into…
The Vect 2.0 ransomware, emerging from a partnership with the TeamPCP group, has been found to irreversibly destroy files larger than 128 KB instead of encrypting them for ransom. This critical flaw, identified by Check…
The newly discovered PCPJack malware framework is actively targeting cloud environments to steal credentials while removing remnants of the TeamPCP cybercrime group. This worm exploits exposed services such as Docker,…
Scattered Spider, a cybercrime entity linked to various high-profile attacks since 2022, has been reclassified as a decentralized collective rather than a unified group. Group-IB's analysis indicates that it consists of…
On May 20, 2026, GitHub confirmed a significant security breach involving a poisoned Visual Studio Code (VS Code) extension that compromised an employee's device. The attack, attributed to the TeamPCP hacking group,…
Databricks is investigating a potential security compromise linked to the TeamPCP supply chain attack. This incident follows a notification from International Cyber Digest, which indicated that Databricks was alerted…
In a span of four months, the threat actor TeamPCP has compromised over 1,000 open-source software packages, injecting malicious code and exploiting the trust developers place in these resources. The attack method…