Signal

TeamPCP expands supply chain attacks targeting LiteLLM PyPI package amid broader OSS compromises


Published 2026-03-25 11:09 UTC · Updated 2026-03-25 19:22 UTC
Tags: supply_chain, malware, credential_theft, threat_actor, open_source, incident_response
Evidence trail (top sources)
Top sources (4 domains). Domains are deduped. Counts indicate coverage, not truth.
TeamPCP supply chain attack hits LiteLLM PyPI package
SC Media · News · scworld.com · 2026-03-25 19:22 UTC
Overview

The TeamPCP threat group has intensified its supply chain attack campaign by compromising the widely used LiteLLM Python package on PyPI.

Entities
PyPI, Lapsus$, Mandiant Consulting, Sonatype, LiteLLM, Trivy, Docker Hub, VS Code
Score total: 1.61
Momentum 24h: 7
Posts: 7
Origins: 5
Source types: 1
Duplicate ratio: 0%
Why now
  • Recent LiteLLM PyPI compromise follows a major Trivy supply chain breach affecting over 1,000 SaaS environments.
  • The attacks demonstrate an escalation from development pipelines to production systems, increasing risk.
  • Ongoing collaboration between threat actors signals continued and expanding supply chain threats.
Why it matters
  • Supply chain attacks on widely used open-source packages risk exposing sensitive cloud and developer credentials.
  • Compromise of CI/CD pipelines and production environments enables extensive lateral movement and persistent threats.
  • Collaboration between threat groups like TeamPCP and Lapsus$ amplifies the scale and impact of attacks.
LLM analysis
Topic mix: low · Promo risk: low · Source quality: medium
Recurring claims
  • TeamPCP compromised LiteLLM PyPI packages with credential-stealing malware
  • Trivy supply chain breach compromised over 1,000 SaaS environments and involved Lapsus$ extortion collaboration
  • TeamPCP’s campaign spans multiple OSS platforms including Docker Hub, VS Code, PyPI, and NPM
How sources frame it
  • SC Media: neutral
  • CSO Online: neutral
  • SecurityWeek: neutral
This briefing consolidates multiple reports on TeamPCP's expanding supply chain attacks, highlighting the evolving tactics and broad impact across open-source ecosystems.
All evidence
TeamPCP supply chain attack hits LiteLLM PyPI package
SC Media · scworld.com · 2026-03-25 19:22 UTC
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Infosecurity Magazine · infosecurity-magazine.com · 2026-03-25 12:00 UTC
From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI
SecurityWeek · securityweek.com · 2026-03-25 11:55 UTC
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
Help Net Security · helpnetsecurity.com · 2026-03-25 11:50 UTC
Posts loaded: 0 · Publishers: 5 · Origin domains: 5 · Duplicates: -
Top publishers (this list)
  • SC Media (1)
  • CSO Online (1)
  • Infosecurity Magazine (1)
  • SecurityWeek (1)
  • Help Net Security (1)
Top origin domains (this list)
  • scworld.com (1)
  • csoonline.com (1)
  • infosecurity-magazine.com (1)
  • securityweek.com (1)
  • helpnetsecurity.com (1)