THREATOPS
THREAT OPSThreat News › The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave

The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave

infowiz_researchPublished 2026-05-19

Multi-ecosystem supply chain compromise by TeamPCP targets GitHub, NPM, and VSCode to steal credentials and establish persistence.

MITRE ATT&CK techniques

Original source: https://www.wiz.io/blog/mini-shai-hulud-teampcp-hits-antv-supply-chain