The Cyber Resilience Brief: A SafeBreach Podcast
A criminal crew with APT-grade patience is trojanizing the very tools defenders trust. Host Tova Dvorin sits down with Adrian Culley to break down FBI FLASH-20260702-01 (coordinated with CISA) on TeamPCP — the group compromising Trivy, KICS, LiteLLM, and the Telnyx SDK to sit inside CI/CD pipelines. Inside: the CanisterWorm and SANDCLOCK credential stealers, the self-replicating "Mini Shai-Hulud" worm across npm and PyPI, npm account takeovers via expired recovery domains, and five concrete defenses — starting with searching your GitHub org for "tpcp-docs" right now. Read more on our blog: https://www.safebreach.com/blog/teampcp-supply-chain-attacks-fbi-flash-alert-20260702-01-safebreach-coverage/ [https://www.safebreach.com/blog/teampcp-supply-chain-attacks-fbi-flash-alert-20260702-01-safebreach-coverage/] #cybersecurity #infosec #CISO #supplychainsecurity #TeamPCP #CICD #BAS #SafeBreach
68 episoder
Kommentarer
0Vær den første til at kommentere
Tilmeld dig nu og bliv en del af The Cyber Resilience Brief: A SafeBreach Podcast-fællesskabet!