TeamPCP Supply Chain Campaign

• Entity ID: ent-20260410-1f377ddef39d
• Type: issue
• Scope: shared
• Status: active
• Aliases: teampcp, supply-chain-attack

Description

Nine-day coordinated supply chain attack (March 19-31, 2026) compromising Trivy, KICS, LiteLLM, and axios. 300GB estimated stolen credentials.

Key claims

• March 31 npm install window overlapped with live Axios RAT
• Two unrelated supply-chain events overlapped in an 88-minute window on March 31

Relations

• Axios RAT (v1.14.1 / v0.30.4) March 31 Supply-Chain Window --[related_to]--> TeamPCP Supply Chain Campaign
• Supply Chain Cascade Timeline (March 24 - April 3) --[contains]--> TeamPCP Supply Chain Campaign

Sources

src-20260409-9ae8df121bc8