TeamPCP Supply Chain Attacks

Federal Bureau of Investigation (FBI) / Internet Crime Complaint Center (IC3) other 2026-07-02T00:00:00

Abstract

The Federal Bureau of Investigation (FBI) is releasing this FLASH to highlight the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with the cyber criminal group TeamPCP. TeamPCP actors have conducted large-scale software supply chain compromises by targeting widely used developers and security tools, gaining access to victim environments and extracting sensitive data, including but not limited to cloud access tokens, SSH keys, and Kubernetes secrets. The FBI encourages organizations to contact the FBI if they have been compromised, and to implement the actions in the Recommendations section to reduce the likelihood and impact of compromise by TeamPCP actors.

Loading executive summary...
Loading full markdown...

Your browser does not support inline PDF viewing.

Download the PDF to view it.

Match Rate: 10.00/10 (Relevance to core cybersecurity goals)

LINK COPIED TO CLIPBOARD