{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/@antv/f2-vue/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":["TeamPCP"],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["actions-cool/issues-helper","nrwl.angular-console (18.95.0)","@antv/a8","@antv/adjust","@antv/algorithm","@antv/async-hook","@antv/attr","@antv/ava","@antv/ava-react","@antv/awards","@antv/calendar-heatmap","@antv/chart-linter","@antv/chart-node-g6","@antv/chart-visualization-skills","@antv/ckb","@antv/color-schema","@antv/color-util","@antv/component","@antv/coord","@antv/d3-color","@antv/d3-interpolate","@antv/data-samples","@antv/data-set","@antv/data-wizard","@antv/dipper-component","@antv/dipper-hooks","@antv/dipper-map","@antv/dom-util","@antv/dumi-theme-antv","@antv/dw-analyzer","@antv/dw-random","@antv/dw-transform","@antv/dw-util","@antv/event-emitter","@antv/expr","@antv/f-charts","@antv/f-engine","@antv/f-lottie","@antv/f-my","@antv/f-react","@antv/f-test-utils","@antv/f-vue","@antv/f-wx","@antv/f2","@antv/f2-algorithm","@antv/f2-canvas","@antv/f2-context","@antv/f2-graphic","@antv/f2-my","@antv/f2-react","@antv/f2-site","@antv/f2-vue","@antv/f2-wordcloud","@antv/f2-wx","@antv/f6","@antv/f6-alipay","@antv/f6-core","@antv/f6-element","@antv/f6-hammerjs","@antv/f6-plugin","@antv/f6-ui","@antv/f6-wx","@antv/g6","@antv/g-base","@antv/g-camera-api","@antv/g-canvas","@antv/g-canvaskit","@antv/g-compat","@antv/g-components","@antv/g-css-layout-api","@antv/g-css-typed-om-api","@antv/g-device-api","@antv/g-dom-mutation-observer-api","@antv/g-gesture","@antv/g-image-exporter","@antv/g-layout-blocklike","@antv/g-lite","@antv/g-lottie-player","@antv/g-math","@antv/g-mobile","@antv/g-mobile-canvas","@antv/g-mobile-canvas-element","@antv/g-mobile-svg","@antv/g-mobile-webgl","@antv/g-pattern","@antv/g-perf","@antv/g-plugin-3d","@antv/g-plugin-a11y","@antv/g-plugin-annotation","@antv/g-plugin-box2d","@antv/g-plugin-canvas-path-generator","@antv/g-plugin-canvas-picker","@antv/g-plugin-canvas-renderer","@antv/g-plugin-canvaskit-renderer","@antv/g-plugin-control","@antv/g-plugin-css-select","@antv/g-plugin-device-renderer","@antv/g-plugin-dom-interaction","@antv/g-plugin-dragndrop","@antv/g-plugin-gesture","@antv/g-plugin-gpgpu","@antv/g-plugin-html-renderer","@antv/g-plugin-image-loader","@antv/g-plugin-matterjs","@antv/g-plugin-mobile-interaction","@antv/g-plugin-physx","@antv/g-plugin-rough-canvas-renderer","@antv/g-plugin-rough-svg-renderer","@antv/g-plugin-svg-picker","@antv/g-plugin-svg-renderer","@antv/g-plugin-webgl-device","@antv/g-plugin-webgl-renderer","@antv/g-plugin-webgpu-device","@antv/g-plugin-yoga","@antv/g-plugin-zdog-canvas-renderer","@antv/g-plugin-zdog-svg-renderer","@antv/g-shader-components","@antv/g-svg","@antv/g-web-animations-api","@antv/g-web-components","@antv/g-webgl","@antv/g-webgl-compute","@antv/g-webgpu","@antv/g-webgpu-compiler","@antv/g-webgpu-core","@antv/g-webgpu-engine","@antv/g-webgpu-raytracer","@antv/g-webgpu-unitchart","@antv/g2","@antv/g2-brush","@antv/g2-extension-3d","@antv/g2-extension-ava","@antv/g2-extension-plot","@antv/g2-plugin-slider","@antv/g2-ssr","@antv/g2plot","@antv/g2plot-schemas","@antv/g6-alipay","@antv/g6-cli","@antv/g6-core","@antv/g6-editor","@antv/g6-element","@antv/g6-extension-3d","@antv/g6-extension-react","@antv/g6-mobile","@antv/g6-pc","@antv/g6-plugin","@antv/g6-plugin-map-view","@antv/g6-plugins","@antv/g6-react-node","@antv/g6-ssr","@antv/g6-wx","@antv/gatsby-theme","@antv/geo-coord","@antv/gi-assets-advance","@antv/gi-assets-algorithm","@antv/gi-assets-basic","@antv/gi-assets-galaxybase","@antv/gi-assets-graphscope","@antv/gi-assets-hugegraph","@antv/gi-assets-janusgraph","@antv/gi-assets-neo4j","@antv/gi-assets-scene","@antv/gi-assets-tugraph","@antv/gi-assets-tugraph-analytics","@antv/gi-assets-xlab","@antv/gi-cli","@antv/gi-common-components","@antv/gi-mock-data","@antv/gi-public-data","@antv/gi-sdk","@antv/gi-sdk-app","@antv/gi-theme-antd","@antv/github-config-cli","@antv/gl-matrix","@antv/gpt-vis","@antv/gpt-vis-ssr","@antv/graphin","@antv/graphin-components","@antv/graphin-graphscope","@antv/graphin-icons","@antv/graphlib","@antv/hierarchy","@antv/infographic","@antv/insight-component","@antv/interaction","@antv/istanbul","@antv/knowledge","@antv/l7"],"_cs_severities":["high"],"_cs_tags":["supply-chain","credential-theft","persistence"],"_cs_type":"threat","_cs_vendors":["GitHub","NPM","VSCode","antv"],"content_html":"\u003cp\u003eOn May 19, 2026, a software supply chain attack targeting the open-source ecosystem reemerged, affecting NPM packages, GitHub Actions, and VSCode extensions. The distributed malware, attributed to TeamPCP with moderate confidence, is designed to harvest credentials, exfiltrate sensitive data, and establish persistent access on infected systems. The attack specifically targets NPM packages within the @antv namespace, the GitHub Actions actions-cool/issues-helper, and the VSCode extension nrwl.angular-console v18.95.0. The attackers used orphaned GitHub commits to host payloads and the bun package manager to install secondary payloads. The malware then exfiltrates collected data through attacker-created public GitHub repositories.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eMalicious NPM packages, GitHub Actions, or VSCode extensions are installed on a developer\u0026rsquo;s machine or CI/CD environment.\u003c/li\u003e\n\u003cli\u003eThe initial malicious code retrieves additional payloads from GitHub-hosted infrastructure, potentially stored in orphaned commits.\u003c/li\u003e\n\u003cli\u003eThe payloads are installed and executed using bun.\u003c/li\u003e\n\u003cli\u003eThe malware collects sensitive artifacts, including GitHub tokens, SSH keys, cloud credentials, and browser-stored secrets.\u003c/li\u003e\n\u003cli\u003eThe collected data is exfiltrated to attacker-controlled public GitHub repositories, with repositories created with the description \u003ccode\u003eniagA oG eW ereH :duluH-iahS\u003c/code\u003e (Shai-Hulud Here We Go Again).\u003c/li\u003e\n\u003cli\u003eA Python-based backdoor is installed at \u003ccode\u003e~/.local/share/kitty/cat.py\u003c/code\u003e to establish persistence.\u003c/li\u003e\n\u003cli\u003eThe backdoor periodically polls \u003ccode\u003eapi.github.com/search/commits?q=firedalazer\u003c/code\u003e for command-and-control messages containing the string \u003ccode\u003efiredalazer\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eUpon finding a valid signed instruction, the malware retrieves and executes remote Python code from attacker-controlled infrastructure, allowing remote execution.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis supply chain attack can lead to the compromise of developer credentials, cloud resources, and sensitive data. Successful exploitation allows attackers to gain persistent access to infected systems and CI/CD pipelines, potentially leading to further supply chain compromises and data breaches. The compromise of developer credentials can lead to unauthorized access to source code repositories, build systems, and production environments. The number of victims and the full extent of the damage are still under investigation.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigate developer workstations, CI/CD environments, and repositories for signs of compromise, auditing for the affected packages, GitHub Actions, and VSCode extensions listed in the appendix of this brief.\u003c/li\u003e\n\u003cli\u003eRotate potentially exposed GitHub tokens, SSH keys, cloud credentials, and CI/CD secrets due to the malware\u0026rsquo;s credential theft capabilities as described in the overview.\u003c/li\u003e\n\u003cli\u003eHunt for persistence mechanisms, including the presence of the file \u003ccode\u003e~/.local/share/kitty/cat.py\u003c/code\u003e, as detailed in the \u0026ldquo;File Paths\u0026rdquo; IOC section.\u003c/li\u003e\n\u003cli\u003eDeploy the \u0026ldquo;Detect TeamPCP Backdoor Polling for C2\u0026rdquo; Sigma rule to identify systems polling GitHub for commands.\u003c/li\u003e\n\u003cli\u003eBlock the C2 domain \u003ccode\u003em-kosche.com\u003c/code\u003e at the DNS resolver to prevent command and control communication as listed in the IOC table.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-19T08:38:35Z","date_published":"2026-05-19T08:38:35Z","id":"https://feed.craftedsignal.io/briefs/2026-05-teampcp-supply-chain/","summary":"TeamPCP is conducting a multi-ecosystem supply chain attack targeting the open-source ecosystem, specifically NPM packages, GitHub Actions, and VSCode extensions, to harvest credentials, exfiltrate sensitive data, and establish persistent access on infected systems via a Python-based backdoor.","title":"TeamPCP Multi-Ecosystem Supply Chain Attack","url":"https://feed.craftedsignal.io/briefs/2026-05-teampcp-supply-chain/"}],"language":"en","title":"CraftedSignal Threat Feed — @Antv/F2-Vue","version":"https://jsonfeed.org/version/1.1"}