supply-chain-security
The durabletask PyPI Compromise: TeamPCP Attacks Azure Pipelines
Prevent the durabletask PyPI compromise. Learn how TeamPCPs rope.pyz malware steals cloud credentials, propagates via SSM, and how to remediate.
pypi malware
supply-chain-security
How TeamPCP Compromised (again) LiteLLM
TeamPCP strikes again. The popular Python package litellm (versions 1.82.7 and 1.82.8) was compromised on PyPI, deploying a credential harvester and Kubernetes backdoor.