Supply Chain Threat: TeamPCP Trojanizes Microsoft Python SDK and Targets Multiple Package Ecosystems
What Happened — Threat actors behind the TeamPCP campaign have compromised three major software package ecosystems. They injected malicious code into an officially‑published Microsoft Python SDK and have also released a self‑authored framework on GitHub that can be used to further propagate the payload.
Why It Matters for TPRM —
- Supply‑chain compromises can affect any downstream vendor that consumes the tainted libraries, expanding risk far beyond the original target.
- Malicious SDKs can introduce persistent backdoors into enterprise applications, undermining security controls and compliance.
- Open‑source distribution amplifies the attack surface, making detection and remediation more complex for third‑party risk teams.
Who Is Affected — Technology SaaS providers, cloud‑native developers, enterprises that integrate Microsoft Python SDKs, and any organization that pulls packages from the compromised ecosystems (e.g., PyPI, npm, Maven).
Recommended Actions —
- Conduct an immediate inventory of all third‑party libraries in use, focusing on Microsoft‑published Python SDKs and any packages sourced from the affected ecosystems.
- Block or quarantine the compromised SDK version and replace it with a clean, verified release.
- Review and tighten SBOM (Software Bill of Materials) processes and enforce strict provenance checks for all open‑source components.
Technical Notes — Attack vector: third‑party dependency injection via compromised package repositories. No specific CVE disclosed; the malicious code was embedded directly into the SDK source. Data types potentially exposed include source code, API keys, and credential files bundled with the SDK. Source: SANS Internet Storm Center