Executive Summary
In May 2026, the cybercriminal group TeamPCP executed a sophisticated supply chain attack targeting multiple software ecosystems. The campaign involved compromising the Nx Console VS Code extension, leading to the exfiltration of approximately 3,800 internal GitHub repositories. Additionally, TeamPCP trojanized Microsoft's durabletask Python SDK on PyPI and injected malicious code into 639 versions of 323 npm packages within the @antv ecosystem. These attacks resulted in significant credential theft and potential data loss across affected organizations.
This incident underscores the escalating threat posed by supply chain attacks, particularly those targeting widely used development tools and libraries. The rapid succession and scale of these compromises highlight the need for enhanced vigilance and security measures within software development and deployment pipelines.
Why This Matters Now
The TeamPCP attacks demonstrate the increasing sophistication and frequency of supply chain compromises, emphasizing the urgent need for organizations to reassess and strengthen their software supply chain security practices to prevent similar incidents.
Attack Path Analysis
The TeamPCP supply chain attack began with the compromise of developer credentials, leading to the publication of malicious packages and extensions. These were installed by developers, allowing attackers to escalate privileges and move laterally within internal systems. The attackers established command and control channels to exfiltrate sensitive data, resulting in the theft of approximately 3,800 GitHub-internal repositories. The impact extended to downstream victims, including OpenAI, Grafana Labs, and Mistral AI.
Kill Chain Progression
Initial Compromise
Description
Attackers compromised developer credentials to publish malicious versions of the Nx Console VS Code extension and other packages.
Related CVEs
CVE-2026-45321
CVSS 9.6
Exploitation of GitHub Actions OIDC token to publish malicious npm packages, leading to credential theft.
Affected Products:
TanStack TanStack Router – *
Exploit Status:
exploited in the wild
MITRE ATT&CK® Techniques
Compromise Software Supply Chain
Valid Accounts
Credentials from Password Stores
Application Layer Protocol: Web Protocols
Data Destruction
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Ensure all system components and software are protected from known vulnerabilities
Control ID: 6.2
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Article 5
CISA ZTMM 2.0 – Supply Chain Risk Management
Control ID: 3.1
NIS2 Directive – Cybersecurity Risk Management Measures
Control ID: Article 21
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
Critical exposure through compromised developer tools, VS Code extensions, and CI/CD pipelines enabling credential theft and lateral movement across software development infrastructure.
Information Technology/IT
High risk from supply chain attacks targeting package ecosystems, developer credentials, and cloud infrastructure with multi-stage payload deployment and persistence mechanisms.
Financial Services
Significant threat from credential harvesting targeting AWS, Azure, GCP tokens and payment processing keys through compromised development tools and CI/CD systems.
Health Care / Life Sciences
Elevated risk due to HIPAA compliance requirements and potential exposure through developer endpoint compromises affecting protected health information systems and cloud infrastructure.
Sources
- TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, (Mon, May 25th) – https://isc.sans.edu/diary/rss/33016
- CVE-2026-45321 Detail – https://nvd.nist.gov/vuln/detail/CVE-2026-45321
- GitHub links repo breach to TanStack npm supply-chain attack – https://www.bleepingcomputer.com/news/security/github-links-repo-breach-to-tanstack-npm-supply-chain-attack/amp/
- GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise – https://www.helpnetsecurity.com/2026/05/21/github-grafana-breach-root-cause-nx-console/
Cloud Native Security Fabric (CNSF) Mitigations and Controls
Aviatrix Zero Trust CNSF is relevant to this incident as it could have limited the attacker's ability to escalate privileges, move laterally, and exfiltrate sensitive data by enforcing strict segmentation and controlled access policies.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: The attacker's ability to distribute malicious packages may have been constrained, reducing the likelihood of widespread initial compromise.
Control: Zero Trust Segmentation
Mitigation: The attacker's ability to escalate privileges could have been limited, reducing the scope of their access within the environment.
Control: East-West Traffic Security
Mitigation: The attacker's lateral movement within internal systems could have been constrained, reducing the potential spread of the attack.
Control: Multicloud Visibility & Control
Mitigation: The attacker's ability to establish command and control channels may have been limited, reducing their capacity to manage compromised systems.
Control: Egress Security & Policy Enforcement
Mitigation: The attacker's ability to exfiltrate sensitive data could have been constrained, reducing the volume of data exfiltrated.
The overall impact on affected organizations could have been reduced, limiting potential intellectual property theft and operational disruptions.
Impact at a Glance
Affected Business Functions
- Software Development
- Continuous Integration/Continuous Deployment (CI/CD)
- Source Code Management
Estimated downtime: 7 days
Estimated loss: $5,000,000
Approximately 3,800 internal GitHub repositories, including proprietary source code and potentially sensitive information.
Recommended Actions
Key Takeaways & Next Steps
- Implement Zero Trust Segmentation to restrict lateral movement within internal networks.
- Enforce East-West Traffic Security to monitor and control internal communications.
- Deploy Egress Security & Policy Enforcement to prevent unauthorized data exfiltration.
- Utilize Multicloud Visibility & Control to detect and respond to anomalous activities across cloud environments.
- Apply Inline IPS (Suricata) to identify and block known exploit patterns and malicious payloads.
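One way to inventory exposure to the ecosystems named in the summary, as an added example that is not part of the original page: the script lists every @antv-scoped package recorded in an npm lockfile (v2/v3) and any pinned durabletask requirement. The page does not list the affected versions, so the version sets and all sample data below are constructed placeholders to be replaced from the advisories.

```python
import json
import re

# Scope and package named on the page. Affected versions are NOT on the page:
# load them from the advisories. Anything not in the supplied set is "REVIEW".
WATCHED_NPM_SCOPE = "@antv/"
WATCHED_PYPI = "durabletask"
PIN = re.compile(r"^\s*([A-Za-z0-9._-]+)(?:\[[^\]]*\])?\s*==\s*([^\s;#]+)")

def npm_hits(lock, affected=None):
    """Sorted (name, version, status) for watched-scope entries in a parsed package-lock.json."""
    affected = affected or {}
    hits = set()
    for path, meta in lock.get("packages", {}).items():
        # Keys look like "node_modules/a/node_modules/@antv/x"; an explicit
        # "name" field is present when the folder is an alias for the package.
        name = meta.get("name") or path.rpartition("node_modules/")[2]
        if name.startswith(WATCHED_NPM_SCOPE):
            version = meta.get("version", "?")
            status = "AFFECTED" if version in affected.get(name, ()) else "REVIEW"
            hits.add((name, version, status))
    return sorted(hits)

def pypi_hits(requirements_text, affected=()):
    """(name, version, status) for pinned durabletask lines in pip-freeze style text."""
    hits = []
    for line in requirements_text.splitlines():
        m = PIN.match(line)
        # Compare using PEP 503 name normalisation (case, '-', '_' and '.').
        if m and re.sub(r"[-_.]+", "-", m.group(1)).lower() == WATCHED_PYPI:
            status = "AFFECTED" if m.group(2) in affected else "REVIEW"
            hits.append((WATCHED_PYPI, m.group(2), status))
    return hits

# Constructed sample input: versions and the affected set are placeholders.
SAMPLE_LOCK = json.loads("""{
  "lockfileVersion": 3,
  "packages": {
    "": {"name": "demo-app", "version": "1.0.0"},
    "node_modules/@antv/g2": {"version": "9.9.1"},
    "node_modules/chart-kit/node_modules/@antv/util": {"version": "9.9.0"},
    "node_modules/graph-alias": {"name": "@antv/g6", "version": "9.9.2"},
    "node_modules/left-pad": {"version": "1.3.0"}
  }
}""")
SAMPLE_AFFECTED = {"@antv/g2": {"9.9.1"}}
SAMPLE_REQS = "requests==2.32.0\nDurableTask[extra]==9.9.9  # constructed pin\n"

if __name__ == "__main__":
    for hit in npm_hits(SAMPLE_LOCK, SAMPLE_AFFECTED) + pypi_hits(SAMPLE_REQS):
        print(*hit)
```

For a real project, pass `json.load(open("package-lock.json"))` and the output of `pip freeze`; nested and aliased installs are reported because the lockfile's `packages` map records every installed copy.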



