HomeIntelligenceBrief
BREACH BRIEF🟠 High ThreatIntel

TeamPCP Supply Chain Campaign Trojans Microsoft‑Published Python SDK and Multiple Package Ecosystems

TeamPCP has injected malicious code into a Microsoft‑published Python SDK and is operating across three software‑package ecosystems. The campaign threatens any organization that relies on third‑party libraries, making supply‑chain hygiene a critical TPRM focus.

LiveThreat™ Intelligence · 📅 May 25, 2026· 📰 isc.sans.edu
🟠
Severity
High
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
4 sector(s)
Actions
4 recommended
📰
Source
isc.sans.edu

TeamPCP Supply Chain Campaign Trojans Microsoft‑Published Python SDK and Three Package Ecosystems

What Happened — Threat actor TeamPCP has been observed compromising three distinct software‑package ecosystems. The group injected malicious code into an officially Microsoft‑published Python SDK and also leveraged its own internal codebase and an open‑source framework hosted on GitHub to distribute trojanized packages. Activity continues through 2026‑05‑24.

Why It Matters for TPRM

  • Supply‑chain compromises bypass traditional perimeter defenses, exposing downstream customers to hidden malware.
  • A trojanized Microsoft SDK can be automatically pulled into enterprise CI/CD pipelines, contaminating internal applications.
  • The multi‑ecosystem approach widens the attack surface, affecting any organization that consumes third‑party libraries.

Who Is Affected — Technology / SaaS vendors, financial services, healthcare, government agencies, and any third‑party that integrates Python SDKs or other package‑manager dependencies.

Recommended Actions

  • Conduct an inventory of all third‑party libraries, especially the Microsoft Python SDK, and verify integrity via checksums or signed packages.
  • Enforce strict SBOM (Software Bill of Materials) controls and implement automated dependency scanning for malicious code.
  • Review vendor security attestations for supply‑chain hygiene; consider restricting automatic imports from public registries.

Technical Notes — Attack vector: compromised third‑party dependency (Python SDK) delivered through package managers; also malicious GitHub repositories serving as drop‑points. No specific CVE disclosed. Data types potentially exposed include source code, build artifacts, and any credentials embedded in compromised packages. Source: SANS Internet Storm Center

📰 Original Source
https://isc.sans.edu/diary/rss/33014

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Vendor Risk Hub

This is the scenario continuous vendor monitoring is built to catch.

When a vendor is compromised, your SOC 2 vendor-management controls are what produce the audit trail showing you knew, assessed, and acted. The Verisq AI Trust Operations platform tracks that continuously.

Explore the Verisq AI Trust Operations platform →