TeamPCP Supply Chain Campaign: Update 008
The TeamPCP supply chain campaign ended a 26-day pause with three simultaneous compromises targeting Checkmarx KICS on Docker Hub, xinference on PyPI, and a self-propagating npm worm named CanisterSprawl. The Checkmarx breach led to a cascading compromise of Bitwarden's CLI tool via automated CI/CD pipelines, spreading credential-stealing malware. While TeamPCP claimed the Checkmarx attack, they denied involvement in the xinference incident, which analysts suspect may be a copycat operation. Mainstream security coverage has resumed, highlighting ongoing risks to developer and CI/CD environments.
- TeamPCP compromised the Checkmarx KICS Docker Hub repository on April 22, using valid publisher credentials to inject malicious images that exfiltrated infrastructure-as-code scan data.
- The poisoned KICS image was pulled into Bitwarden's CI/CD pipeline, leading to the compromise of @bitwarden/cli version 2026.4.0, which stole developer and cloud credentials before being removed.
- Three xinference PyPI packages were poisoned with a credential-stealing payload bearing TeamPCP markers, though the group publicly denied responsibility, suggesting possible imitation.
- A self-propagating npm worm called CanisterSprawl was identified across multiple package namespaces, harvesting credentials and using Internet Computer Protocol canisters for C2, with similarities to prior TeamPCP tactics.
- Docker, Checkmarx, and multiple security firms published analyses confirming the scope and techniques, marking a return of TeamPCP to active, high-visibility supply chain attacks.
Full article excerpt
TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns

Published: 2026-04-27. Last Updated: 2026-04-27 14:01:17 UTC by Kenneth Hartman (Version: 1)

This update succeeds TeamPCP Supply Chain Campaign Update 007, published April 8, 2026, which left the campaign in credential-monetization mode following the Cisco source code theft via Trivy-linked credentials, Google GTIG's formal designation of the operators as UNC6780 (with their credential stealer named SANDCLOCK), and the lapsed CISA KEV remediation deadline for CVE-2026-33634 with no standalone federal advisory. The Sportradar publication deadline flagged in Update 007 (approximately April 10 to 11) lapsed without a public CipherForce dump, and CipherForce's leak infrastructure has remained offline.

Twelve days after Update 007, the technical compromise picture changed sharply across the W17 window (April 20 through April 26). The most significant development of the week was the end of TeamPCP's 26-day supply chain compromise pause, with three concurrent package compromises landing across npm, PyPI, and Docker Hub between April 21 and 22. The Checkmarx KICS Docker Hub repository was compromised on April 22 (claimed by TeamPCP via @pcpcats), the xinference PyPI package was poisoned the same day with a TeamPCP marker that the group publicly denied, and a self-propagating npm worm tracked as CanisterSprawl was identified by Socket and StepSecurity beginning April 21.
The KICS Docker compromise then cascaded into a downstream compromise of @bitwarden/cli version 2026.4.0 the same evening, when Bitwarden's Dependabot automation pulled the malicious checkmarx/kics:latest image into the Bitwarden CI/CD pipeline. Reporting suggests the campaign has visibly returned to its technical-discovery and active-compromise phase after spending most of April in credential-monetization mode; analysts assess the operators retain full operational capability despite the prior month's monetization failures.

Dated event log

2026-04-20: ADT filed a Form 8-K with the SEC disclosing unauthorized access to certain cloud-based environments first identified the same day, with ShinyHunters subsequently posting a leak-site claim of over 10 million records and a 2026-04-27 publication deadline. The intrusion was attributed to a vishing attack against an ADT employee's Okta single sign-on account, which is a different access vector than the Trivy credential trove and therefore is NOT a confirmed TeamPCP supply chain campaign event; it is logged here only because ShinyHunters has been documented in prior updates as part of the TeamPCP-affiliated extortion ecosystem and remained operationally active during the target week. Source: BleepingComputer, https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/ and Help Net Security, https://www.helpnetsecurity.com/2026/04/27/adt-systems-data-breach/

2026-04-21: Socket and StepSecurity began identifying a self-propagating npm supply chain worm tracked as CanisterSprawl, embedded across at least 16 malicious package versions across…
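The Bitwarden cascade above turned on a CI pipeline pulling a mutable tag (checkmarx/kics:latest) automatically. The following Python script is an added example, not code from the diary, Bitwarden, Checkmarx or any of the vendors named above: it scans GitHub Actions workflow text and Dockerfile text for container image references and reports those that are not pinned to a content digest. The sample workflow and Dockerfile are constructed for the example, the digest in them is a fake placeholder, and the matching is regex-based on `image:`, `uses: docker://` and `FROM` lines rather than a full YAML or Dockerfile parser.

```python
import re

# Constructed fake digest (64 hex chars) so the sample inputs parse as pinned.
FAKE_DIGEST = "sha256:" + "0123456789abcdef" * 4

# Constructed sample workflow: lines 5 and 7 float on :latest, line 8 uses a
# re-pushable tag, line 9 is digest-pinned. Not a real project's config.
SAMPLE_WORKFLOW = f"""\
jobs:
  kics-scan:
    runs-on: ubuntu-latest
    container:
      image: checkmarx/kics:latest
    steps:
      - uses: docker://checkmarx/kics:latest
      - uses: docker://ghcr.io/example-org/scanner:v1.2.3
      - uses: docker://ghcr.io/example-org/scanner:v1.2.3@{FAKE_DIGEST}
"""

# Constructed sample Dockerfile: a tag-only base image and a digest-pinned one.
SAMPLE_DOCKERFILE = f"""\
FROM golang:1.22 AS builder
FROM registry.example:5000/base/runtime@{FAKE_DIGEST}
"""

# Each pattern captures the image reference from one kind of CI line.
IMAGE_REF_PATTERNS = [
    re.compile(r'^\s*image:\s*["\']?([^\s"\']+)'),
    re.compile(r'^\s*-?\s*uses:\s*["\']?docker://([^\s"\']+)'),
    re.compile(r'^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)', re.IGNORECASE),
]
DIGEST_RE = re.compile(r'^sha256:[0-9a-f]{64}$')


def parse_image_ref(ref):
    """Split name[:tag][@sha256:hex] into (repository, tag, digest).

    The tag is the text after the last ':' that follows the last '/', so a
    registry port such as host:5000/repo is not mistaken for a tag.
    """
    name, _, digest = ref.partition("@")
    last_slash = name.rfind("/")
    colon = name.rfind(":")
    if colon > last_slash:
        return name[:colon], name[colon + 1:], digest or None
    return name, None, digest or None


def classify(ref):
    """Return 'pinned', 'tag-only' or 'floating' for an image reference."""
    _, tag, digest = parse_image_ref(ref)
    if digest and DIGEST_RE.match(digest):
        return "pinned"        # content-addressed; a re-pushed tag cannot change it
    if tag is None or tag == "latest":
        return "floating"      # resolves to whatever the publisher pushed most recently
    return "tag-only"          # a named tag can still be overwritten by its publisher


def find_unpinned_images(text):
    """Return a list of {line, ref, status} for every reference that is not digest-pinned."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for pattern in IMAGE_REF_PATTERNS:
            match = pattern.match(line)
            if match:
                ref = match.group(1)
                # Build-stage names (FROM builder) and 'scratch' are not registry pulls.
                if ref.lower() == "scratch":
                    break
                status = classify(ref)
                if status != "pinned":
                    findings.append({"line": lineno, "ref": ref, "status": status})
                break
    return findings


if __name__ == "__main__":
    for label, text in (("workflow", SAMPLE_WORKFLOW), ("Dockerfile", SAMPLE_DOCKERFILE)):
        for finding in find_unpinned_images(text):
            print(f"{label}:{finding['line']}: {finding['status']:9} {finding['ref']}")
```

A digest pin does not make a registry trustworthy on its own; an image pushed under a stolen publisher credential would still be malicious at its own digest. What the pin changes is the pull path: an automatically re-fetched `:latest` tag becomes a reviewable change to a checked-in digest, which is the step that was missing in the Dependabot pull described above. A later `FROM builder` line that names an earlier build stage will be reported as floating by this simple scanner; a real implementation would track stage names from preceding `AS` clauses.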
This excerpt is published under fair use for community discussion. Read the full article at SANS Internet Storm Center.