The TeamPCP Supply Chain Cascade: How One Compromised Security Scanner Led to 3 Million Daily Downloads of Crypto-Stealing Malware
dev.to
From Trivy to npm to LiteLLM — a five-day campaign that weaponized the tools developers trust most, targeting Solana validators, Ethereum wallets, and every secret in your CI/CD pipeline.

The Five-Day Kill Chain That Rewrote Supply Chain Threat Models

On March 19, 2026, a threat actor group called TeamPCP compromised Trivy, Aqua Security's v