Fetching from the wire…
Source-backed findings, relationship evidence, citations, and briefing history from the public MindPattern archive.
TeamPCP executed supply chain attack on LiteLLM
Source findingTeamPCP compromised LiteLLM via PyPI supply chain attack.
Source findingTeamPCP injected malicious payload into LiteLLM.
Source findingTeamPCP injected malicious code into LiteLLM package.
Source findingTeamPCP compromised Trivy to gain credentials for poisoning LiteLLM.
Source findingTeamPCP executed a supply chain attack on LiteLLM versions 1.82.7-1.82.8.
Source findingTeamPCP campaign compromised Aqua Security's Trivy scanner.
Source findingTeamPCP compromised the trivy-action GitHub Action for the second time in March.
Source findingTeamPCP exploited Langflow RCE vulnerability CVE-2026-33017 within 20 hours of publication.
Source findingTeamPCP compromised Trivy via tag poisoning, forcing commit hash pinning security requirements.
Source findingTeamPCP worm variant compromised npm packages and spread to PyPI.
Source findingTeamPCP compromised LiteLLM packages (1.82.7 and 1.82.8) on PyPI with a backdoored .pth file.
Source finding