Teampcp

5 reports

All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning

ATLAS OWASP CRITICAL Ars Technica Security Jun 09, 2026 ▲ 8.5

Miasma Worm Targets AI Coding Agents via Poisoned Microsoft Packages

Seventy-three Microsoft-hosted open source packages were compromised with the Miasma credential-stealing worm, which activates specifically when developers open packages inside AI coding agents. The …

AML.T0010 - ML Supply Chain Compromise AML.T0012 - Valid Accounts AML.T0047 - ML-Enabled Product or Service

ATLAS OWASP HIGH The Hacker News May 15, 2026 ▲ 8.5

TanStack Supply Chain Attack Compromises OpenAI Developer Devices and Signing Certificates

A supply chain attack targeting TanStack via the Mini Shai-Hulud malware compromised two OpenAI employee devices, exposing internal source code repositories and code-signing certificates for macOS, …

AML.T0010 - ML Supply Chain Compromise AML.T0012 - Valid Accounts AML.T0047 - ML-Enabled Product or Service

ATLAS OWASP HIGH BleepingComputer May 15, 2026 ▲ 8.5

TeamPCP Steals 5GB of Mistral AI Source Code via Supply Chain Attack

The TeamPCP threat group has compromised Mistral AI's codebase management system via the Shai-Hulud software supply chain attack, stealing approximately 5GB of internal repositories covering training, …

AML.T0010 - ML Supply Chain Compromise AML.T0044 - Full ML Model Access AML.T0057 - LLM Data Leakage

ATLAS OWASP CRITICAL The Hacker News May 13, 2026 ▲ 9.2

Mini Shai-Hulud Supply Chain Worm Compromises Mistral AI, Guardrails AI and TanStack Packages

The TeamPCP threat actor has executed a broad supply chain campaign dubbed Mini Shai-Hulud, injecting credential-stealing malware into npm and PyPI packages from major AI and developer tooling …

AML.T0010 - ML Supply Chain Compromise AML.T0047 - ML-Enabled Product or Service AML.T0018 - Backdoor ML Model

ATLAS OWASP HIGH SANS Internet Storm Center Apr 28, 2026 ▲ 6.5

TeamPCP resumes supply chain attacks, poisoning xinference PyPI and triggering a Bitwarden CLI cascade via compromised Docker image.

The TeamPCP supply chain campaign resumed after a 26-day pause with three concurrent compromises targeting Checkmarx KICS (Docker Hub), xinference (a popular AI inference PyPI package), and a …

AML.T0010 - ML Supply Chain Compromise AML.T0019 - Publish Poisoned Datasets AML.T0047 - ML-Enabled Product or Service