The FBI has issued a new FLASH advisory detailing the tactics, techniques, and procedures used by TeamPCP, a financially motivated cybercrime group behind several high-profile software supply chain attacks throughout 2026. The advisory warns that the group has compromised trusted developer tools, stolen cloud credentials and source code, and expanded into extortion by threatening to publish stolen data.
The advisory provides organizations with indicators of compromise (IOCs), malware details, and mitigation guidance while urging any organization that suspects TeamPCP activity to contact the FBI. The FLASH was coordinated with DHS/CISA and is marked TLP:CLEAR.
Supply chain compromises targeted trusted developer tools
According to the FBI, TeamPCP compromised legitimate software distribution channels by injecting malicious code into widely used packages and development dependencies. The modified software delivered credential-stealing malware and persistent backdoors while appearing to be legitimate updates.
The advisory identifies compromises involving Trivy, Checkmarx KICS, LiteLLM, and the Telnyx Python SDK. These tools are commonly integrated into enterprise CI/CD pipelines, cloud infrastructure, and application development workflows, allowing malicious updates to spread into downstream environments.
Once deployed, TeamPCP reportedly harvested sensitive authentication material including cloud access tokens, SSH keys, Kubernetes secrets, API credentials, and other privileged information from compromised systems.
FBI details malware used by TeamPCP
The advisory attributes multiple malware families to TeamPCP operations.
CanisterWorm is described as harvesting credentials and authentication material from cloud providers including AWS, Microsoft Azure, and Google Cloud Platform.
SANDCLOCK steals AWS credentials, Kubernetes ServiceAccount tokens, local environment variables, and cryptocurrency wallet data.
The FBI also highlights Mini Shai-Hulud, a self-replicating supply chain worm capable of spreading across npm and PyPI ecosystems, along with Miasma, a related variant designed to harvest credentials while poisoning development environments.
Extortion activity now part of TeamPCP operations
Beyond software supply chain attacks, the FBI states TeamPCP has engaged in extortion alongside other cybercriminal groups by publishing victim names on a public leak site and threatening to release stolen data.
The advisory warns organizations to treat stolen credentials and exfiltrated data as a long-term security risk even after initial access has been removed, noting that affiliated threat actors may continue abusing compromised secrets long after the original intrusion.
This marks one of the clearest public acknowledgements from U.S. law enforcement that TeamPCP’s operations now extend beyond credential theft into data extortion and broader criminal collaboration.
Organizations urged to rotate credentials immediately
The FBI recommends organizations rotate all CI/CD secrets, cloud credentials, and publishing tokens that may have been exposed during TeamPCP activity. Additional recommendations include pinning GitHub Actions workflows to verified commit hashes, enforcing phishing-resistant multi-factor authentication, applying least-privilege access controls, monitoring CI/CD pipelines for abnormal behavior, auditing third-party integrations, and implementing integrity verification for published software artifacts.
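One way to check the commit-pinning recommendation above against a workflow file, as an added example that is not code from the FBI advisory or from BreachNews; the sample workflow text and the 40-character SHA inside it are constructed for illustration:

```python
import re

# Constructed sample workflow (not taken from the advisory): one step pinned to a
# full commit SHA, one on a mutable tag, one tracking a branch, one local action.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0 # v4 (constructed SHA)
      - uses: actions/setup-python@v5
      - uses: some-org/deploy-action@main
      - uses: ./.github/actions/local-step
      - run: pip install -r requirements.txt
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def find_unpinned_actions(workflow_text: str) -> list[dict]:
    """Return every remote `uses:` reference that is not pinned to a full
    40-hex commit SHA. Local (./) and docker:// references are skipped because
    commit pinning does not apply to them."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith("./") or ref.startswith("docker://"):
            continue
        action, _, version = ref.partition("@")
        if not version:
            reason = "missing ref"
        elif SHA_RE.match(version):
            continue  # immutable commit pin; nothing to report
        elif re.match(r"^v?\d", version):
            reason = f"mutable tag '{version}' (a tag can be moved to new code)"
        else:
            reason = f"branch ref '{version}' (tracks moving history)"
        findings.append({"line": lineno, "action": action, "reason": reason})
    return findings


if __name__ == "__main__":
    for f in find_unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {f['line']}: {f['action']}: {f['reason']}")
```

Running it against every file under .github/workflows/ turns the advisory's recommendation into a repeatable CI gate; a tag-pinned step that must stay as-is should be converted to its SHA with a trailing version comment, as the first step in the sample shows.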
The advisory also lists indicators of compromise, including IP addresses, domains, malware hashes, and affected CVEs, along with detection guidance for incident responders.
The complete FBI FLASH advisory is available here: Cyber Criminal Group TeamPCP (PDF).
BreachNews has tracked TeamPCP throughout 2026
TeamPCP has been the focus of numerous BreachNews investigations throughout 2026, including coverage of the Bitwarden CLI supply chain compromise, the Mini Shai-Hulud malware campaign, the Mercor supply chain attack, and the OpenAI breach linked to Mini Shai-Hulud.
The FBI advisory represents the first comprehensive U.S. government summary of TeamPCP’s operations, consolidating months of security research into a single public document while confirming the group’s continued threat to organizations that rely on software supply chains and cloud-native development environments.