‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

A threat actor has launched a campaign to clean up environments infected by the infamous TeamPCP hacking group and deploy its own malicious tools, SentinelOne reports.

Active since late April, the campaign relies on a malware framework targeting credentials across multiple cloud environments and capable of propagating itself.

SentinelOne has named the framework PCPJack because of its focus on removing any tools and artifacts associated with TeamPCP from infected systems. TeamPCP is the hacking group behind a recent flurry of supply chain attacks targeting multiple open source software ecosystems.

“Many of the services targeted by the PCPJack framework are similar to the early TeamPCP/PCPCat campaigns from December 2025, before the high-visibility campaigns of early 2026 brought significant attention to TeamPCP and purportedly led to changes in group membership. We believe this could be a former operator who is deeply familiar with the group’s tooling,” SentinelOne says.

A PCPJack infection, the...

Copyright of this story solely belongs to securityweek.com.
