TeamPCP Supply Chain Campaign Trojans Microsoft‑Published Python SDK and Three Package Ecosystems
What Happened — Threat actor TeamPCP has been observed compromising three distinct software‑package ecosystems. The group injected malicious code into an officially Microsoft‑published Python SDK and also leveraged its own internal codebase and an open‑source framework hosted on GitHub to distribute trojanized packages. Activity continues through 2026‑05‑24.
Why It Matters for TPRM —
- Supply‑chain compromises bypass traditional perimeter defenses, exposing downstream customers to hidden malware.
- A trojanized Microsoft SDK can be automatically pulled into enterprise CI/CD pipelines, contaminating internal applications.
- The multi‑ecosystem approach widens the attack surface, affecting any organization that consumes third‑party libraries.
Who Is Affected — Technology / SaaS vendors, financial services, healthcare, government agencies, and any third‑party that integrates Python SDKs or other package‑manager dependencies.
Recommended Actions —
- Conduct an inventory of all third‑party libraries, especially the Microsoft Python SDK, and verify integrity via checksums or signed packages.
- Enforce strict SBOM (Software Bill of Materials) controls and implement automated dependency scanning for malicious code.
- Review vendor security attestations for supply‑chain hygiene; consider restricting automatic imports from public registries.
Technical Notes — Attack vector: compromised third‑party dependency (Python SDK) delivered through package managers; also malicious GitHub repositories serving as drop‑points. No specific CVE disclosed. Data types potentially exposed include source code, build artifacts, and any credentials embedded in compromised packages. Source: SANS Internet Storm Center