TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Infosecurity Magazine

TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

2026-03-25

ATT&CK techniques detected

7 predictions
T1195.001 Compromise Software Dependencies and Development Tools
96%
"teampcp expands supply chain campaign with litellm pypi compromise a widely used python package with more than 95 million monthly downloads has been compromised with credential-stealing malware, expanding the ongoing supply chain campaign linked to the teampcp threat group. the…"
T1195.001 Compromise Software Dependencies and Development Tools
96%
"stage supply chain campaign across several developer ecosystems, including github actions, docker hub, npm, openvsx and pypi. " given the volume of stolen credentials across likely thousands of downstream environments, expect an increase in breach disclosures, follow-on intrusi…"
T1195.001 Compromise Software Dependencies and Development Tools
94%
"if the package was not actively used. malware designed for credential theft and persistence analysis by jfrog researchers showed the malware operated in three stages, beginning with a hidden payload embedded inside package files. once triggered, the malware collected sensitive in…"
T1552.001 Credentials In Files
64%
"if the package was not actively used. malware designed for credential theft and persistence analysis by jfrog researchers showed the malware operated in three stages, beginning with a hidden payload embedded inside package files. once triggered, the malware collected sensitive in…"
T1195 Supply Chain Compromise
44%
"stage supply chain campaign across several developer ecosystems, including github actions, docker hub, npm, openvsx and pypi. " given the volume of stolen credentials across likely thousands of downstream environments, expect an increase in breach disclosures, follow-on intrusi…"
T1195.002 Compromise Software Supply Chain
41%
"stage supply chain campaign across several developer ecosystems, including github actions, docker hub, npm, openvsx and pypi. " given the volume of stolen credentials across likely thousands of downstream environments, expect an increase in breach disclosures, follow-on intrusi…"
T1195.002 Compromise Software Supply Chain
40%
"if the package was not actively used. malware designed for credential theft and persistence analysis by jfrog researchers showed the malware operated in three stages, beginning with a hidden payload embedded inside package files. once triggered, the malware collected sensitive in…"

Summary

The Python package LiteLLM was compromised with credential-stealing malware linked to the TeamPCP threat group.