SANS Stormcast Wednesday, March 25th, 2026: IP KVM Usage; TeampPCP, Trivy, liteLLM and More

This episode of SANS Stormcast covers a major supply chain compromise tied to Team PCP, a malicious actor targeting open-source projects and development environments. The breach began when Team PCP exploited a privileged personal access token from Aqua Security to inject malicious code into the Trivi Visual Studio Code extension—a free vulnerability scanner used widely in development workflows. The attackers replaced existing versions rather than releasing new ones, allowing the malware to persist undetected in systems that pinned version tags. The malicious payload was an info stealer that exfiltrated API keys, cloud credentials, and other secrets. The attack escalated when Light LLM, a proxy service for LLMs, was compromised through the same supply chain vector, giving attackers access to credentials for multiple large language models. Additionally, Team PCP was linked to compromising Checkmarx’s open-source tools like KICS, possibly using credentials stolen via Trivi. A new development reveals a Kubernetes wiper malware, also attributed to Team PCP, targeting systems in Iran via time zone and locale detection, and capable of spreading via SSH. The episode emphasizes the critical need for robust secrets management and pinning dependencies by Git hash rather than version tags to prevent such attacks. The host, Johannes Ulrich, underscores that this incident highlights systemic weaknesses in software supply chains and the dangers of poor credential hygiene. He warns that Trivi’s popularity means many organizations may be unknowingly compromised, and urges vigilance across all dependencies. He also notes that Team PCP’s shift from credential stealing to destructive wiper malware signals a more aggressive and potentially state-sponsored campaign. The episode concludes with a call to action: organizations must adopt stronger secret management practices and treat supply chain security as a top priority. The host also promotes his upcoming courses in Orlando and San Diego.