Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →

Powered by CVE WATCHTOWER

×

TeamPCP

Ecosystem Poisoned: Mini Shai-Hulud Worm Hijacks @antv npm Packages to Target CI/CD Pipelines AntV npm Supply Chain Attack Mini Shai-Hulud npm Worm

AntV npm Supply Chain Attack Mini Shai-Hulud npm Worm

Ecosystem Poisoned: Mini Shai-Hulud Worm Hijacks @antv npm Packages to Target CI/CD Pipelines

Do Son May 21, 2026

A massive, fast-moving software supply chain attack has struck the global JavaScript development ecosystem. Over the past...

TeamPCP Open-Sources “Shai-Hulud” AI Supply Chain Malware, Hitting NPM Fleet Shai-Hulud worm NPM supply chain attack

Shai-Hulud worm NPM supply chain attack

TeamPCP Open-Sources “Shai-Hulud” AI Supply Chain Malware, Hitting NPM Fleet

Do Son May 19, 2026

The threat collective recognized as TeamPCP, historically notorious for orchestrating supply chain incursions within the NPM ecosystem,...

Broken by Design: How VECT 2.0 Ransomware Becomes a Permanent Data Wiper VECT

VECT

Broken by Design: How VECT 2.0 Ransomware Becomes a Permanent Data Wiper

Do Son April 30, 2026

A new investigation by Check Point Research (CPR) has revealed that the “ambitious” VECT 2.0 ransomware—currently targeting...

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike Checkmarx Supply Chain Attack TeamPCP

Checkmarx Supply Chain Attack TeamPCP

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike

Do Son April 23, 2026

The cybersecurity world is facing a sprawling supply chain compromise as official distribution channels for Checkmarx, a...

Supply Chain Alert: TeamPCP Strikes Popular AI Framework Xinference Xinference Supply Chain Attack TeamPCP

Xinference Supply Chain Attack TeamPCP

Supply Chain Alert: TeamPCP Strikes Popular AI Framework Xinference

Do Son April 23, 2026

The Python ecosystem is reeling from a sophisticated supply chain attack targeting Xinference (Xorbits Inference), a widely...

The EU’s AWS “Master Key”: How a Compromised Trivy Update Leaked 340GB of Data

Apple Google EU alliance DMA European Commission Breach Trivy Supply Chain Attack Europa.eu Breach EU Cloud Infrastructure EU Cyber Sanctions State-Sponsored Hacking EU 2040 Emissions Target, Europe Climate Leadership AWS Azure DMA Cloud Gatekeeper DSA violation, illegal content Apple DMA Delay, iPhone Mirroring EU EU Age Verification, Google Play Integrity Corning Antitrust, EU Competition Apple EU Digital Markets Act App Store commission European Union cyberattacks - InvestAI EU Targets Musk’s X Digital Markets Act, EU fines

The EU’s AWS “Master Key”: How a Compromised Trivy Update Leaked 340GB of Data

Do Son April 3, 2026

The digital defenses of the European Union faced a significant test this March as a sophisticated supply-chain...

95 Million Downloads Hijacked: The LiteLLM PyPI Backdoor Targeting AI Developers LiteLLM PyPI Supply Chain Attack

LiteLLM PyPI Supply Chain Attack

95 Million Downloads Hijacked: The LiteLLM PyPI Backdoor Targeting AI Developers

Do Son March 25, 2026

A relentless cyber-espionage campaign has expanded its reach into the heart of the AI development ecosystem. Security...