{
  "name": "Weaponizing the Protectors: TeamPCPs Multi-Stage Supply Chain Attack on Security Infrastructure",
  "slug": "weaponizing-the-protectors-teampcps-multi-stage-supply-chain-attack-on-security-infrastructure",
  "description": "Between late February and March 2026, threat group TeamPCP conducted a highly calculated, escalating sequence of supply chain threats. It systematically compromised widely trusted open-source security tools, including the vulnerability scanners Trivy and KICS and the popular AI gateway LiteLLM. The affected software also includes the official Python SDK of Telnyx.",
  "published": "2026-04-01T00:05:28+00:00",
  "created_at": "2026-04-01T00:05:28+00:00",
  "modified_at": "2026-04-01T08:24:45+00:00",
  "created_at_opencti": "2026-04-01T00:05:28+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2026-04-01",
    "CVE-2025-55182",
    "canisterworm",
    "supply chain attack",
    "teampcp",
    "wiper"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "195.5.171.242"
      },
      {
        "id": "",
        "name": "23.142.184.129"
      },
      {
        "id": "",
        "name": "63.251.162.11"
      },
      {
        "id": "",
        "name": "83.142.209.203"
      },
      {
        "id": "",
        "name": "209.34.235.18"
      },
      {
        "id": "",
        "name": "212.71.124.188"
      },
      {
        "id": "",
        "name": "45.148.10.212"
      },
      {
        "id": "",
        "name": "83.142.209.11"
      },
      {
        "id": "",
        "name": "41c4f2f37c0b257d1e20fe167f2098da9d2e0a939b09ed3f63bc4fe010f8365c"
      },
      {
        "id": "",
        "name": "bef7e2c5a92c4fa4af17791efc1e46311c0f304796f1172fce192f5efc40f5d7"
      },
      {
        "id": "",
        "name": "0c0d206d5e68c0cf64d57ffa8bc5b1dad54f2dda52f24e96e02e237498cb9c3a"
      },
      {
        "id": "",
        "name": "f7084b0229dce605ccc5506b14acd4d954a496da4b6134a294844ca8d601970d"
      },
      {
        "id": "",
        "name": "6328a34b26a63423b555a61f89a6a0525a534e9c88584c815d937910f1ddd538"
      },
      {
        "id": "",
        "name": "0880819ef821cff918960a39c1c1aada55a5593c61c608ea9215da858a86e349"
      },
      {
        "id": "",
        "name": "e4edd126e139493d2721d50c3a8c49d3a23ad7766d0b90bc45979ba675f35fea"
      },
      {
        "id": "",
        "name": "cd08115806662469bbedec4b03f8427b97c8a4b3bc1442dc18b72b4e19395fe3"
      },
      {
        "id": "",
        "name": "f398f06eefcd3558c38820a397e3193856e4e6e7c67f81ecc8e533275284b152"
      },
      {
        "id": "",
        "name": "ecce7ae5ffc9f57bb70efd3ea136a2923f701334a8cd47d4fbf01a97fd22859c"
      },
      {
        "id": "",
        "name": "61ff00a81b19624adaad425b9129ba2f312f4ab76fb5ddc2c628a5037d31a4ba"
      },
      {
        "id": "",
        "name": "887e1f5b5b50162a60bd03b66269e0ae545d0aef0583c1c5b00972152ad7e073"
      },
      {
        "id": "",
        "name": "e87a55d3ba1c47e84207678b88cacb631a32d0cb3798610e7ef2d15307303c49"
      },
      {
        "id": "",
        "name": "7df6cef7ab9aae2ea08f2f872f6456b5d51d896ddda907a238cd6668ccdc4bb7"
      },
      {
        "id": "",
        "name": "d5edd791021b966fb6af0ace09319ace7b97d6642363ef27b3d5056ca654a94c"
      },
      {
        "id": "",
        "name": "e64e152afe2c722d750f10259626f357cdea40420c5eedae37969fbf13abbecf"
      },
      {
        "id": "",
        "name": "d8caf4581c9f0000c7568d78fb7d2e595ab36134e2346297d78615942cbbd727"
      },
      {
        "id": "",
        "name": "0c6a3555c4eb49f240d7e0e3edbfbb3c900f123033b4f6e99ac3724b9b76278f"
      },
      {
        "id": "",
        "name": "7b5cc85e82249b0c452c66563edca498ce9d0c70badef04ab2c52acef4d629ca"
      },
      {
        "id": "",
        "name": "822dd269ec10459572dfaaefe163dae693c344249a0161953f0d5cdd110bd2a0"
      },
      {
        "id": "",
        "name": "5e2ba7c4c53fa6e0cef58011acdd50682cf83fb7b989712d2fcf1b5173bad956"
      },
      {
        "id": "",
        "name": "e9b1e069efc778c1e77fb3f5fcc3bd3580bbc810604cbf4347897ddb4b8c163b"
      },
      {
        "id": "",
        "name": "1e559c51f19972e96fcc5a92d710732159cdae72f407864607a513b20729decb"
      },
      {
        "id": "",
        "name": "30015dd1e2cf4dbd49fff9ddef2ad4622da2e60e5c0b6228595325532e948f14"
      },
      {
        "id": "",
        "name": "c37c0ae9641d2e5329fcdee847a756bf1140fdb7f0b7c78a40fdc39055e7d926"
      },
      {
        "id": "",
        "name": "18a24f83e807479438dcab7a1804c51a00dafc1d526698a66e0640d1e5dd671a"
      },
      {
        "id": "",
        "name": "7321caa303fe96ded0492c747d2f353c4f7d17185656fe292ab0a59e2bd0b8d9"
      },
      {
        "id": "",
        "name": "e6310d8a003d7ac101a6b1cd39ff6c6a88ee454b767c1bdce143e04bc1113243"
      }
    ],
    "malware": [
      {
        "id": "legacy:malware:6553177d838ab945",
        "name": "CanisterWorm",
        "slug": "canisterworm"
      }
    ],
    "intrusion_sets": [
      {
        "id": "5255c6ce-4692-4aea-b599-0e78a6c4c4aa",
        "name": "TeamPCP",
        "slug": "teampcp"
      }
    ],
    "vulnerabilities": [
      {
        "id": "",
        "name": "CVE-2025-55182"
      }
    ],
    "others": [
      {
        "id": "",
        "name": "souls-entire-defined-routes.trycloudflare.com"
      },
      {
        "id": "",
        "name": "plug-tab-protective-relay.trycloudflare.com"
      },
      {
        "id": "",
        "name": "tdtqy-oyaaa-aaaae-af2dq-cai.raw.icp0.io"
      },
      {
        "id": "",
        "name": "create-sensitivity-grad-sequence.trycloudflare.com"
      },
      {
        "id": "",
        "name": "championships-peoples-point-cassette.trycloudflare.com"
      },
      {
        "id": "",
        "name": "investigation-launches-hearings-copying.trycloudflare.com"
      }
    ]
  },
  "external_refs": [
    "https://unit42.paloaltonetworks.com/teampcp-supply-chain-attacks/",
    "https://otx.alienvault.com/pulse/69cc7d68d7158977ab0c0d1d"
  ]
}