The Cyber Resilience Brief: A SafeBreach Podcast

Ep. 66 - Poisoned Pipelines: TeamPCP and the FBI Flash on Weaponized Dev Tools

17 min · 5. Juli 2026
Episode Ep. 66 - Poisoned Pipelines: TeamPCP and the FBI Flash on Weaponized Dev Tools Cover

Beschreibung

A criminal crew with APT-grade patience is trojanizing the very tools defenders trust. Host Tova Dvorin sits down with Adrian Culley to break down FBI FLASH-20260702-01 (coordinated with CISA) on TeamPCP — the group compromising Trivy, KICS, LiteLLM, and the Telnyx SDK to sit inside CI/CD pipelines. Inside: the CanisterWorm and SANDCLOCK credential stealers, the self-replicating "Mini Shai-Hulud" worm across npm and PyPI, npm account takeovers via expired recovery domains, and five concrete defenses — starting with searching your GitHub org for "tpcp-docs" right now. Read more on our blog: https://www.safebreach.com/blog/teampcp-supply-chain-attacks-fbi-flash-alert-20260702-01-safebreach-coverage/ [https://www.safebreach.com/blog/teampcp-supply-chain-attacks-fbi-flash-alert-20260702-01-safebreach-coverage/] #cybersecurity #infosec #CISO #supplychainsecurity #TeamPCP #CICD #BAS #SafeBreach

Kommentare

0

Sei die erste Person, die kommentiert

Melde dich jetzt an und werde Teil der The Cyber Resilience Brief: A SafeBreach Podcast-Community!

Loslegen

2 Monate für 1 €

Dann 4,99 € / Monat · Jederzeit kündbar.

  • Podcasts nur bei Podimo
  • 20 Stunden Hörbücher / Monat
  • Alle kostenlosen Podcasts

Alle Folgen

68 Folgen

Episode Ep. 66 - Poisoned Pipelines: TeamPCP and the FBI Flash on Weaponized Dev Tools Cover

Ep. 66 - Poisoned Pipelines: TeamPCP and the FBI Flash on Weaponized Dev Tools

A criminal crew with APT-grade patience is trojanizing the very tools defenders trust. Host Tova Dvorin sits down with Adrian Culley to break down FBI FLASH-20260702-01 (coordinated with CISA) on TeamPCP — the group compromising Trivy, KICS, LiteLLM, and the Telnyx SDK to sit inside CI/CD pipelines. Inside: the CanisterWorm and SANDCLOCK credential stealers, the self-replicating "Mini Shai-Hulud" worm across npm and PyPI, npm account takeovers via expired recovery domains, and five concrete defenses — starting with searching your GitHub org for "tpcp-docs" right now. Read more on our blog: https://www.safebreach.com/blog/teampcp-supply-chain-attacks-fbi-flash-alert-20260702-01-safebreach-coverage/ [https://www.safebreach.com/blog/teampcp-supply-chain-attacks-fbi-flash-alert-20260702-01-safebreach-coverage/] #cybersecurity #infosec #CISO #supplychainsecurity #TeamPCP #CICD #BAS #SafeBreach

5. Juli 202617 min
Episode Ep. 65 - "Months, Not Years": The Five Eyes AI Warning and Your Security Program Cover

Ep. 65 - "Months, Not Years": The Five Eyes AI Warning and Your Security Program

On June 22, 2026, the heads of all six Five Eyes cyber agencies — GCHQ, CISA, the NSA, ASD, the Canadian Centre, and New Zealand's GCSB — signed a rare joint statement: AI has rewritten the cyber risk timeline, and it's months, not years. Host Tova Dvorin and offensive security expert Adrian Culley unpack why AI is collapsing the window between vulnerability and exploit, why "having controls" isn't the same as proven controls, and why legacy systems are now strategic liabilities for the board, not the IT team. A clear-eyed look at validation, assumed breach, and what CISOs should do Monday morning. Read the full Five Eyes statement on the CISA website: https://www.cisa.gov/news-events/news/five-eyes-cyber-security-agencies-statement [https://www.cisa.gov/news-events/news/five-eyes-cyber-security-agencies-statement] #cybersecurity #infosec #CISO #FiveEyes #CISA #NSA #GCHQ #adversarialexposurevalidation #cyberresilience #SafeBreach

1. Juli 202618 min