Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
India Halts WhatsApp Usernames Rollout Due to Fraud Concerns
July 1, 2026
Critical Cursor IDE RCE Vulnerabilities Allow Zero-Click Prompt Injection
July 1, 2026
Automated Password Spray Attacks Target Microsoft Azure CLI
July 1, 2026
Home/CyberSecurity News/TeamPCP and BreachForums Offer $1,000 for Supply Chain Attacks
CyberSecurity News

TeamPCP and BreachForums Offer $1,000 for Supply Chain Attacks

Key Takeaways A new contest launched by TeamPCP and BreachForums incentivizes open-source supply chain attacks. Participants are tasked with infecting as many open-source packages as possible using...

David kimber
David kimber
May 14, 2026 3 Min Read
49 0

Key Takeaways

  • A new contest launched by TeamPCP and BreachForums incentivizes open-source supply chain attacks.
  • Participants are tasked with infecting as many open-source packages as possible using the “Shai-Hulud” tool.
  • Despite a modest $1,000 Monero prize, the initiative aims to recruit lower-tier hackers and expand TeamPCP’s access-broker operations.
  • The contest poses significant risks to the software supply chain, potentially leading to widespread compromise of CI/CD secrets, cloud credentials, and enterprise source code.

The dark corners of the cybercrime world are now actively promoting open-source supply chain attacks through a new, unsettling competition.

Table Of Content

  • Key Takeaways
  • Cybercrime Syndicate Launches Supply Chain Attack Contest
  • What You Should Do

Following a sustained campaign of infiltrating critical security tools and continuous integration/continuous deployment (CI/CD) pipelines, the notorious hacking collective TeamPCP has joined forces with BreachForums to inaugurate a new contest. This initiative aims to encourage the widespread infection of open-source software packages.

The objective for participants is to compromise as many open-source packages as possible. The incentive for this destructive activity is a comparatively small sum of $1,000, paid in Monero cryptocurrency.

Intelligence gathered from the dark web indicates that the contest mandates the use of an open-source attack utility dubbed “Shai-Hulud.”

To qualify, hackers must register their forum identities and furnish verifiable proof of successful system access.

Winners are determined based on the cumulative weekly and monthly download statistics of the compromised packages.

This scoring mechanism explicitly encourages indiscriminate, worm-like attacks across the software ecosystem by permitting attackers to aggregate the download counts from numerous smaller packages.

Cybercrime Syndicate Launches Supply Chain Attack Contest

While the potential impact on the supply chain is severe, the $1,000 reward seems disproportionately low given the extent of damage that can be inflicted.

Successful supply chain compromises can expose highly sensitive assets, including CI/CD secrets, cloud access credentials, developer tokens, and proprietary enterprise source code.

BreachForums announced the contest alongside TeamPCP (source : socket)
BreachForums announced the contest alongside TeamPCP (source : socket)

For experienced cybercriminals, access to such valuable assets typically commands a price far exceeding one thousand dollars. Cybersecurity experts interpret this contest as a strategic recruitment tactic, designed to attract less experienced hackers willing to sacrifice valuable access in exchange for reputation and prestige within cybercrime communities.

By crowdsourcing these malicious activities, TeamPCP effectively manipulates novice hackers into performing the foundational work, while the syndicate itself reaps the broader benefits from the compromised infrastructure.

TeamPCP has a well-documented history of targeting critical infrastructure, GitHub Actions, Docker images, and popular package managers such as npm and PyPI. The group specializes in breaching tools that inherently possess elevated privileges, enabling them to harvest credentials for subsequent, more extensive attacks.

According to Socket Research, TeamPCP recently forged a partnership with the ransomware collective Vect. Their credential theft operations have already impacted diverse sectors, including AI firms, government cloud services, manufacturing, and enterprise technology providers.

The release of Shai-Hulud as an open-source tool allows TeamPCP to expand its pipeline for brokering access. While a $1,000 prize may not entice elite threat actors, the ensuing wave of copycat attacks represents a dangerous new layer of risk for open-source maintainers and enterprise security teams alike.

What You Should Do

  • Implement Software Supply Chain Security: Utilize tools and practices that monitor and secure your entire software supply chain, from development to deployment.
  • Vet Open-Source Dependencies: Thoroughly scrutinize all open-source packages used in your projects for known vulnerabilities or suspicious behavior. Employ automated scanning tools.
  • Strengthen CI/CD Pipeline Security: Secure your CI/CD environments with robust access controls, multi-factor authentication, and regular audits.
  • Monitor for Anomalous Activity: Continuously monitor developer accounts, package repositories, and build environments for any unusual logins, code changes, or package uploads.
  • Educate Developers: Train development teams on the risks of supply chain attacks, secure coding practices, and how to identify suspicious packages or requests.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackBreachHackerransomwareSecurityThreat

Share Article

David kimber

David kimber

David is a penetration tester turned security journalist with expertise in mobile security, IoT vulnerabilities, and exploit development. As an OSCP-certified security professional, David brings hands-on technical experience to his reporting on vulnerabilities and security research. His articles often feature detailed technical analysis of exploits and provide actionable defense recommendations. David maintains an active presence in the security research community and has contributed to multiple open-source security tools.

Previous Post

Critical Canon MailSuite Bug (CVE-2023-0697) Lets Attackers Run Remote Code

Next Post

Critical node-ipc npm Package Supply Chain Attack Lets Attackers Inject Malware

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical Fluentd Vulnerabilities Allow Remote Code Execution
July 1, 2026
Weaponized Google Ads Install Malicious Claude Code to Hijack macOS
July 1, 2026
Critical Adobe ColdFusion Vulnerabilities Let Attackers Run Code
July 1, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us