Databricks is scrambling to verify a potential TeamPCP breach, while the group unleashes dual ransomware tracks and dumps AstraZeneca data for free. This isn't just another hack—it's a monetization masterclass.
Mercor just admitted it: TeamPCP's LiteLLM poison pill hit hard. Wiz peels back the post-breach playbook, showing how attackers feast on cloud creds.
One npm install, and boom—your cloud keys are en route to a hacker's server. Axios, the unsung hero of JS networking, just got turned into a trojan horse.
LiteLLM lurks in 36% of cloud environments — and now it's bitten Mercor hard. Extortionists boast 4TB of pilfered data, from video interviews to VPN creds.
A single hijacked maintainer turned Axios—the JS HTTP king with 100 million weekly downloads—into a RAT delivery vehicle. North Korean actors bet big on supply chain chaos, and it almost paid off.
Attackers slipped infostealers into GitHub Actions and PyPI, turning vulnerability scanners against their users. Over 500,000 machines lost cloud tokens, SSH keys, and Kubernetes secrets in this escalating nightmare.