Vibe Coding
Pattern: TeamPCP Supply Chain Campaign Escalates — Three Ecosystems Compromised in 8 Days with Increasing Sophistication
TeamPCP hit Trivy on March 19 (CVE-2026-33634, CVSS 9.4), LiteLLM on March 24 (credential stealer + malware dropper), and telnyx on March 27 (WAV steganography with dual-platform payloads). Each attack is more sophisticated than the last — the telnyx variant uses audio file steganography to hide encrypted binaries, a technique not seen in the earlier attacks. The campaign specifically targets AI/ML infrastructure packages (LiteLLM for LLM proxying, telnyx for communications), suggesting deliberate targeting of developer toolchains.
↳ Follow the thread