FBI: Cyber Criminal Group TeamPCP


The Federal Bureau of Investigation (FBI) is releasing this FLASH to highlight the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with the cyber criminal group TeamPCP. TeamPCP actors have conducted large-scale software supply chain compromises by targeting widely used developers and security tools, gaining access to victim environments and extracting sensitive data, including but not limited to cloud access tokens, SSH keys, and Kubernetes secrets. The FBI encourages organizations to contact the FBI if they have been compromised, and to implement the actions in the Recommendations section to reduce the likelihood and impact of compromise by TeamPCP actors.

Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Fake GTA VI beta keys are already draining cryptocurrency wallets worldwide

    June 27, 2026

    Grand Theft Auto VI is not due on consoles until November 19 2026, but official preorders open soon, and cybersecurity researchers have warned criminals are already exploiting the wait with a coordinated wave of fraudulent websites. Malwarebytes and NordVPN have both flagged sites promising “VIP early access” or exclusive beta keys to one of gaming’s most anticipated ...

  • Russian Intelligence Services Continue to Target Commercial Messaging Applications

    June 26, 2026

    The FBI and CISA are issuing this update to the March 20, 2026, Public Service Announcement I-032026-PSA to provide additional information to the public and encourage device owners to take actions to protect themselves. The FBI has identified multiple clusters of Russian Intelligence Services (RIS) cyber threat actors responsible for an ongoing commercial messaging application (CMA) phishing campaign against individuals of high ...

  • Russian hackers were behind $2.5B hack of Jaguar Land Rover

    June 26, 2026

    Last year, hackers attacked car giant Jaguar Land Rover (JPL), one of the U.K.’s biggest employers. The hack halted production for months and made a dent in the country’s economy. The damage was so severe that the U.K. government decided to bail out the company with a £1.5 billion (around $2 billion) payment, and estimates say the hack cost the British ...

  • Polymarket says hackers stole users’ funds

    June 25, 2026

    Prediction market giant Polymarket confirmed that hackers stole funds from an unspecified number of users after a third-party breach. In an X post on Thursday, Polymarket said that a compromise at a third-party vendor allowed hackers to inject malicious code into its website “for some users.” The company said it has “contained” the incident and is ...

  • Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs

    June 25, 2026

    A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that compromises corporate networks and then sells that access to ransomware groups, according to security researchers. This backdoor, also tracked as MLTBackdoor, was first documented by Zscaler earlier this month, with the security shop suggesting the novel malware is ...

  • Almost half of ransomware victims have data stolen before they can even detect an intrusion

    June 25, 2026

    Criminals are getting better at hiding within their victims’ infrastructure, lurking and stealing files without triggering any alarms whatsoever. Earlier today, network detection and response experts ExtraHop released the “Global Threat Landscape Report”, based on a survey of more than 1,800 IT and security leaders worldwide. In it, it is said that roughly half (49%) of ...