This page collects WhisperX intelligence signals tagged #TeamPCP. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
Cybersecurity researchers have uncovered a sophisticated credential theft framework targeting exposed cloud infrastructure, distinguishing itself by aggressively removing artifacts linked to a prior threat actor known as TeamPCP. The tool, dubbed PCPJack, employs a worm-like propagation mechanism to move laterally acro...
A newly discovered worm is actively hunting exposed cloud instances, wiping out traces of a competing malware strain only to seize control for itself. Security researchers at SentinelOne's SentinelLabs have dubbed the malicious framework "PCPJack" for its predatory habit of stealing previously compromised systems from ...
Checkmarx disclosed a supply chain compromise targeting its Jenkins plugin, warning customers that an unauthorized version of its AST Scanner was uploaded to the Jenkins Marketplace over the weekend. The company confirmed the breach in a customer advisory on Saturday, May 9, stating it was actively working to remove th...
Checkmarx has confirmed a supply chain compromise targeting its Jenkins AST plugin, with a malicious version successfully published to the Jenkins Marketplace by an actor identified as TeamPCP. The incident follows a separate supply chain attack on Checkmarx's KICS (Keeping Infrastructure as Code Secure) tool just week...
Checkmarx, a widely used code-security platform, confirmed that its official Jenkins plugin was compromised with an infostealer, in an attack the company attributed to the threat actor TeamPCP. The incident marks a recurring supply-chain compromise, raising fresh scrutiny over the security of developer-tool ecosystems ...
Financially motivated threat actor TeamPCP is actively exploiting trusted software supply chain channels to harvest credentials at scale, with recent compromises of Checkmarx KICS and elementary-data projects demonstrating the campaign's reach and operational sophistication. The attack chain leverages CI/CD infrastruc...