The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave
TeamPCP conducted a multi-ecosystem supply chain compromise targeting the @antv package and associated development infrastructure. The attack leveraged GitHub, NPM, and VSCode to steal credentials and establish persistence mechanisms.
- Disclosed: May 19, 2026
- Last updated: June 7, 2026
- Blast radius: Multi-ecosystem; affects GitHub, NPM, and VSCode users; credential theft and persistence mechanisms enable lateral movement.
- Attack vectors
- Threat actor: TeamPCP
- Affected entities: @antv (targeted by TeamPCP in supply chain compromise)
TeamPCP has been identified as the actor behind a multi-ecosystem supply chain compromise targeting @antv. The attack exploited multiple platforms including GitHub, NPM, and VSCode to establish a foothold in developer environments.
The threat actor employed credential theft and persistence techniques to enable ongoing access and lateral movement. The compromise affects both the package distribution channel (NPM) and developer tooling (VSCode), indicating a sophisticated approach to supply chain infiltration.
This represents an active threat leveraging account compromise or package manipulation to distribute malicious code across multiple connected ecosystems. Organizations using @antv should audit their environments for unauthorized access and review package integrity.
Remediation
- Immediately audit and revoke any credentials exposed through GitHub or VSCode integrations
- Review @antv package versions and their installation sources; verify package integrity and provenance
- Scan development environments for persistence mechanisms or suspicious artifacts
- Monitor GitHub and NPM accounts for unauthorized activity or commits
- Implement code-signing verification for package installations
- Isolate affected systems and conduct forensic analysis to identify lateral movement
- Apply principle of least privilege to GitHub tokens and NPM credentials
Sources
Cite this entry
"The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave." supplychainattack.org, Supply Chain Attack Incident Catalog. Disclosed May 19, 2026; last updated June 7, 2026. https://supplychainattack.org/incident/the-worm-that-keeps-on-digging-teampcp-hits-antv-in-latest-wave-1lm5r0
Related incidents
- Shai-Hulud: Here We Go Again. Mass npm Supply Chain Attack Hits the AntV Ecosystem (status: active; severity: critical)
  A new wave of the Mini Shai-Hulud worm has compromised multiple npm packages across Alibaba's AntV data visualization ecosystem, including echarts-for-react and timeago.js. Stolen CI/CD secrets are being exfiltrated and dumped to thousands of public GitHub repositories as the attack spreads.
  Tags: Mini Shai Hulud; npm; Other; Compromised package; Account takeover
- Shai-Hulud Worm Pivots to Multi-Cloud: intercom-client@7.0.4 Hijacked — 361,000 Weekly Downloads, AWS, GCP, and Azure Credentials Now in Scope (status: active; severity: critical)
  The Shai-Hulud worm has hijacked intercom-client@7.0.4 (361,510 weekly downloads) via a compromised GitHub Actions OIDC publishing pipeline, 29 hours after compromising mbt@1.2.48 and @cap-js/sqlite@2.2.2. The worm is actively propagating through CI/CD infrastructure stolen from earlier victims, targeting multi-cloud credentials (AWS, GCP, Azure).
  Tags: Shai-Hulud; npm; Other; Compromised package; Build-system compromise; Account takeover
- 400+ AUR Packages Hijacked: What the “Atomic Arch” Campaign Means for Supply-Chain Security (status: contained; severity: high)
  On June 11, 2026, attackers hijacked over 400 packages in the Arch User Repository (AUR), converting them into a malware delivery network. The "Atomic Arch" campaign represents a large-scale compromise of developer accounts or package maintainers within the Arch Linux ecosystem.
  Tags: Atomic Arch; Other; Account takeover; Malicious maintainer
- Behind the Scenes: How StepSecurity Detected and Helped Remediate the Largest npm Supply Chain Attack (status: resolved; severity: critical)
  StepSecurity detected a compromise of axios, described as the largest npm supply chain attack on a single package by download count. A state-sponsored threat actor is reported to have actively suppressed warnings by deleting GitHub issues. Detection occurred before public disclosure.
  Tags: UNC1069; npm; Compromised package; Malicious maintainer