Modena360 Blog

blog image

Inside TeamPCP: The Supply-Chain Worm Poisoning the Software You Trust

For years, the biggest cyber threat to most businesses was someone breaking in. In 2026 the script has flipped: attackers are no longer forcing the door — they are quietly poisoning the trusted software your business already installs. The campaign run by a group known as TeamPCP is the clearest warning yet.

Since late 2025, TeamPCP has used a self-propagating worm — nicknamed "Mini Shai-Hulud" — to slip malicious code into more than 1,000 open-source software packages across the npm, PyPI, GitHub, Docker and OpenVSX ecosystems. Researchers at CyberScoop, Palo Alto Networks and Trend Micro have tracked wave after wave of these attacks, and Google has traced the core operator, who uses the handle "ResoluteXBF," to South Africa.

What makes this campaign so dangerous is what it targets and how it spreads. TeamPCP deliberately compromised the security tools defenders rely on — including the popular scanners Trivy and KICS and the AI gateway LiteLLM — and a single poisoned developer extension gave the attackers access to thousands of private code repositories. Once the worm steals the credentials inside one build pipeline, it automatically finds every other package that developer controls and infects those too. It scales itself, with no human at the keyboard.

Why This Matters for Your Business

  1. You are trusting code you never wrote. Almost every modern application and IT system is built on open-source components. A poisoned package can land inside your software, your suppliers' software, or the tools your IT team uses — without anyone clicking a bad link.
  2. The attack hides inside legitimate updates. Because the malware arrives through normal, trusted software updates, the usual "don't open suspicious emails" advice does nothing to stop it.
  3. It self-replicates at machine speed. A single stolen credential can cascade into hundreds of infected packages within hours, collapsing the time defenders have to react.
  4. Even your security tools can be the entry point. When the very scanners meant to protect you are compromised, blind trust in any single tool becomes a liability.

What Every Business Should Do Now

  • Know what is in your software. Keep an inventory of the third-party and open-source components your business and vendors depend on, so you can react fast when one is compromised.
  • Lock down credentials and tokens. Rotate access tokens regularly, enforce multi-factor authentication everywhere, and grant systems the minimum access they need — this worm spreads on stolen credentials.
  • Patch and verify updates deliberately. Apply security updates promptly, but verify the source and integrity of what you install rather than auto-trusting every release.
  • Watch for abnormal behaviour. Monitor for the unusual activity a compromised package triggers — unexpected network connections, new accounts, or data leaving your environment.
  • Have a tested recovery plan. Keep isolated, regularly tested backups so a supply-chain compromise can be contained and reversed, not just discovered.

How a Managed Service Provider (MSP) Helps

  • Continuous monitoring & detection — a round-the-clock watch for the machine-speed activity these worms generate, so threats are caught early.
  • Vendor & supply-chain risk management — visibility over the third-party software your business relies on, and a plan for when one is breached.
  • Identity & access control — MFA, least-privilege access and disciplined credential rotation that stop a single stolen token from cascading.
  • Patch & vulnerability management — a structured process for applying and verifying updates across your environment.
  • Backup & incident response — tested backups and a rehearsed plan to recover quickly if a trusted component is compromised.

The TeamPCP campaign is a clear signal that supply-chain security is no longer a problem only for software companies. Every business that runs modern IT is downstream of the same trusted code — and that trust is exactly what attackers are now exploiting. The organisations that stay resilient will be the ones that verify rather than assume, and that have someone watching around the clock.


Worried about what is hiding in the software your business trusts?

Modena360 helps Australian businesses lock down credentials, manage vendor risk and stay protected against modern supply-chain attacks.

Talk to Modena360