pypi

The 48-Hour Secrets Sprint: How Three Registries Were Swept in One Weekend

John Z Black Apr 23, 2026

Threat Intelligence #supply-chain #npm #pypi #teampcp #xinference #canisterworm #checkmarx-kics #secrets-theft #devsecops

A coordinated 48-hour sprint hit npm, PyPI, and Docker Hub, targeting developer secrets at scale. From infected AI libraries to a trojanized security scanner, the supply chain is moving faster than your detection.

Apple Patched the Door. Attackers Used the Window.

John Z Black Apr 10, 2026

Threat Intelligence #atomic-stealer #amos #macos #clickfix #script-editor #malware #pypi #litellm #supply-chain

macOS 26.4 added Terminal security scanning to block ClickFix attacks. Within 48 hours, Atomic Stealer was back, running through Script Editor instead. One click. No warning.

TeamPCP Is Not a Hacker Group Anymore. It's a Cloud Crime Platform.

John Z Black Mar 28, 2026

Ransomware & Cybercrime #teampcp #canisterworm #vect #ransomware #supply-chain #blockchain #icp #pypi #cloud-security

TeamPCP has graduated from opportunistic attacker to full-spectrum criminal platform -- with blockchain C2 that law enforcement can't seize and a live ransomware affiliate program that costs $250 to join.