ramimac 15 hours ago

We haven't blogged this yet, but a variety of teams found this in parallel. The packages are quarantined by PyPI.

Follow the overall incident: https://ramimac.me/teampcp/#phase-10

Aikido/Charlie with a very quick blog: https://www.aikido.dev/blog/telnyx-pypi-compromised-teampcp-...

ReversingLabs, JFrog also made parallel reports.
Scaevolus 3 hours ago

I'm glad there are many teams with automated scans of PyPI and npm running. It elevates the challenge of making a backdoor that can survive for any length of time.
Imustaskforhelp 12 hours ago

Ramimac, has there been any action on having the C2 server's IP address blacklisted? The blast radius of TeamPCP just keeps on increasing...