{"campaign":{"name":"TeamPCP","slug":"teampcp","href":"/ti/campaigns/teampcp","description":"Umbrella supply chain campaign tracked by Wiz (Rami McCarthy) that compromises developer tooling, package registries, and CI/CD across npm, PyPI, Docker, VSCode, and Packagist. The initial wave abused Checkmarx-themed decoy domains (checkmarx.zone, audit.checkmarx.cx) and shared C2 (94.154.172.43) to trojanize litellm and, through a cascading KICS compromise, @bitwarden/cli. Attribution strings reuse Dune terminology, linking the campaign to the Shai-Hulud worm family.","objective":"Compromise the software supply chain to steal cloud and developer credentials at scale.","aliases":["TeamPCP Supply Chain Campaign"],"discovered_at":"2026-03-24"},"packages":[{"ecosystem":"pypi","name":"litellm","href":"/ti/packages/pypi/litellm","threat_types":["credential_stealer","data_exfiltration","rat","persistence"],"versions":["1.82.8"]},{"ecosystem":"pypi","name":"telnyx","href":"/ti/packages/pypi/telnyx","threat_types":["credential_stealer","data_exfiltration"],"versions":["2.0.0"]},{"ecosystem":"npm","name":"@bitwarden/cli","href":"/ti/packages/npm/@bitwarden/cli","threat_types":["other"],"versions":["2026.4.1"]}],"indicators":[{"kind":"domain","value":"models.litellm.cloud","href":"/ti/ioc/domain/models.litellm.cloud","context":"Network indicator from blog post"},{"kind":"domain","value":"checkmarx.zone","href":"/ti/ioc/domain/checkmarx.zone","context":"Network indicator from blog post"},{"kind":"sha256","value":"d2a0d5f564628773b6af7b9c11f6b86531a875bd2d186d7081ab62748a800ebb","href":"/ti/ioc/sha256/d2a0d5f564628773b6af7b9c11f6b86531a875bd2d186d7081ab62748a800ebb","context":"SHA-256 hash from blog post"},{"kind":"sha1","value":"9343aeefca37aa49a6ea54397d7615adae5c72c9","href":"/ti/ioc/sha1/9343aeefca37aa49a6ea54397d7615adae5c72c9","context":"SHA-1/commit-like hash from blog post"},{"kind":"domain","value":"83.142.209.203","href":"/ti/ioc/domain/83.142.209.203","context":"Network indicator from blog post (value is an IPv4 address, also listed under kind ipv4)"},{"kind":"ipv4","value":"83.142.209.203","href":"/ti/ioc/ipv4/83.142.209.203","context":"IP address indicator from blog post"},{"kind":"sha256","value":"7321caa303fe96ded0492c747d2f353c4f7d17185656fe292ab0a59e2bd0b8d9","href":"/ti/ioc/sha256/7321caa303fe96ded0492c747d2f353c4f7d17185656fe292ab0a59e2bd0b8d9","context":"SHA-256 hash from blog post"},{"kind":"sha256","value":"cd08115806662469bbedec4b03f8427b97c8a4b3bc1442dc18b72b4e19395fe3","href":"/ti/ioc/sha256/cd08115806662469bbedec4b03f8427b97c8a4b3bc1442dc18b72b4e19395fe3","context":"SHA-256 hash from blog post"},{"kind":"email","value":"support@telnyx.com","href":"/ti/ioc/email/support@telnyx.com","context":"Email indicator from blog post (address is on telnyx.com, which appears to be the affected vendor's own domain; confirm it is attacker-related before blocking or alerting on it)"},{"kind":"domain","value":"audit.checkmarx.cx","href":"/ti/ioc/domain/audit.checkmarx.cx","context":"Network indicator from blog post"},{"kind":"ipv4","value":"94.154.172.43","href":"/ti/ioc/ipv4/94.154.172.43","context":"IP address indicator from blog post"},{"kind":"sha256","value":"18f784b3bc9a0bcdcb1a8d7f51bc5f54323fc40cbd874119354ab609bef6e4cb","href":"/ti/ioc/sha256/18f784b3bc9a0bcdcb1a8d7f51bc5f54323fc40cbd874119354ab609bef6e4cb","context":"SHA-256 hash from blog post"},{"kind":"sha256","value":"8605e365edf11160aad517c7d79a3b26b62290e5072ef97b102a01ddbb343f14","href":"/ti/ioc/sha256/8605e365edf11160aad517c7d79a3b26b62290e5072ef97b102a01ddbb343f14","context":"SHA-256 hash from blog post"},{"kind":"sha1","value":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","href":"/ti/ioc/sha1/de0fac2e4500dabe0009e67214ff5f5447ce83dd","context":"SHA-1/commit-like hash from blog post"},{"kind":"sha1","value":"bbbca2ddaa5d8feaa63e36b76fdaad77386f024f","href":"/ti/ioc/sha1/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f","context":"SHA-1/commit-like hash from blog post"}],"ttps":[{"name":"Supply Chain Compromise: Compromise Software Dependencies and Development Tools","mitre_attack_id":"T1195.001","href":"/ti/ttps/T1195.001"},{"name":"Command and Scripting Interpreter: Python","mitre_attack_id":"T1059.006","href":"/ti/ttps/T1059.006"},{"name":"Unsecured Credentials: Credentials In Files","mitre_attack_id":"T1552.001","href":"/ti/ttps/T1552.001"},{"name":"Exfiltration Over C2 Channel","mitre_attack_id":"T1041","href":"/ti/ttps/T1041"},{"name":"Ingress Tool Transfer","mitre_attack_id":"T1105","href":"/ti/ttps/T1105"},{"name":"Application Layer Protocol: Web Protocols","mitre_attack_id":"T1071.001","href":"/ti/ttps/T1071.001"},{"name":"Event Triggered Execution","mitre_attack_id":"T1546","href":"/ti/ttps/T1546"},{"name":"Obfuscated Files or Information","mitre_attack_id":"T1027","href":"/ti/ttps/T1027"},{"name":"Command and Scripting Interpreter: JavaScript","mitre_attack_id":"T1059.007","href":"/ti/ttps/T1059.007"}],"related_campaigns":[{"name":"Shai-Hulud","slug":"shai-hulud","href":"/ti/campaigns/shai-hulud","relationship":"variant-of"},{"name":"Mini Shai-Hulud","slug":"mini-shai-hulud","href":"/ti/campaigns/mini-shai-hulud","relationship":"variant-of"}],"reports":[{"title":"Malicious litellm 1.82.8: Credential Theft and Persistent Backdoor","url":"https://safedep.io/malicious-litellm-1-82-8-analysis","published_at":"2026-03-24"},{"title":"Compromised telnyx on PyPI: WAV Steganography and Credential Theft","url":"https://safedep.io/malicious-telnyx-pypi-compromise","published_at":"2026-03-27"},{"title":"Bitwarden CLI Supply Chain Compromise","url":"https://safedep.io/bitwarden-cli-supply-chain-compromise","published_at":"2026-04-24"}]}