{
  "_comment": "TeamPCP Supply Chain Campaign IOCs. For programmatic access, fetch this JSON directly. Entries whose note marks them as clean, reference, remediated, or not malicious, and entries on shared public infrastructure (GitHub, Sigstore, Session seed nodes), are listed for context and correlation only and should not be block-listed. Last updated: 2026-05-19T20:00:00Z",
  "campaign": "TeamPCP",
  "cve": "CVE-2026-33634",
  "network": {
    "trivy_c2": [
      {"value": "scan.aquasecurtiy.org", "note": "typosquat", "incident": "trivy"},
      {"value": "45.148.10.212", "type": "ip", "note": "Havoc C2 TeamServer — TECHOFF SRV, Netherlands", "incident": "trivy"}
    ],
    "cloudflare_tunnels": [
      {"value": "plug-tab-protective-relay.trycloudflare.com", "type": "domain", "note": "exfil", "incident": "trivy"},
      {"value": "souls-entire-defined-routes.trycloudflare.com", "type": "domain", "note": "kamikaze v1", "incident": ["trivy", "canisterworm"]},
      {"value": "investigation-launches-hearings-copying.trycloudflare.com", "type": "domain", "note": "kamikaze v2", "incident": ["trivy", "canisterworm"]},
      {"value": "championships-peoples-point-cassette.trycloudflare.com", "type": "domain", "note": "kamikaze v3/v3.1", "incident": ["trivy", "canisterworm"]},
      {"value": "create-sensitivity-grad-sequence.trycloudflare.com", "type": "domain", "note": "kamikaze v3.2/v3.3", "incident": ["trivy", "canisterworm"]}
    ],
    "icp_canister": [
      {"value": "tdtqy-oyaaa-aaaae-af2dq-cai.raw.icp0.io", "note": "March CanisterWorm C2", "incident": ["trivy", "canisterworm"]},
      {"value": "cjn37-uyaaa-aaaac-qgnva-cai.raw.icp0.io", "note": "April CanisterSprawl C2", "incident": "canistersprawl"}
    ],
    "canistersprawl_c2": [
      {"value": "telemetry.api-monitor.com", "type": "domain", "note": "secondary webhook exfil", "incident": "canistersprawl"}
    ],
    "canistersprawl_hashes": [
      {"value": "c19c4574d09e60636425f9555d3b63e8cb5c9d63ceb1c982c35e5a310c97a839", "note": "dist/env-compat.cjs", "source": "Socket", "incident": "canistersprawl"},
      {"value": "834b6e5db5710b9308d0598978a0148a9dc832361f1fa0b7ad4343dcceba2812", "note": "dist/public.pem (RSA-4096)", "source": "Socket", "incident": "canistersprawl"},
      {"value": "87259b0d1d017ad8b8daa7c177c2d9f0940e457f8dd1ab3abab3681e433ca88e", "note": "RSA key fingerprint (DER SHA-256)", "source": "Socket", "incident": "canistersprawl"}
    ],
    "kics_c2": [
      {"value": "checkmarx.zone", "note": "shared with LiteLLM 1.82.7", "incident": ["checkmarx", "litellm"]},
      {"value": "83.142.209.11", "type": "ip", "note": "AdaptixC2 TeamServer — AS205759 Ghosty Networks", "incident": "checkmarx"}
    ],
    "litellm_c2": [
      {"value": "models.litellm.cloud", "note": "used by 1.82.8", "incident": "litellm"},
      {"value": "litellm.cloud", "note": "typosquat domain", "incident": "litellm"},
      {"value": "46.151.182.203", "type": "ip", "note": "Exfil/backup C2 — AS205759 Ghosty Networks", "incident": "litellm"},
      {"value": "manpages.wtf", "note": "redirect target (apparently not malicious; listed for context only, do not block)", "incident": "litellm"}
    ],
    "telnyx_c2": [
      {"value": "83.142.209.203", "type": "ip", "note": "Telnyx exfil (port 8080) — AS205759 Ghosty Networks", "incident": "telnyx"}
    ],
    "wav_delivery": [
      {"value": "83.142.209.203:8080/hangup.wav", "note": "Windows payload (AdaptixC2 beacon)", "incident": "telnyx"},
      {"value": "83.142.209.203:8080/ringtone.wav", "note": "Unix/macOS payload", "incident": "telnyx"}
    ],
    "attacker_ops": [
      {"value": "170.62.100.245", "type": "ip", "note": "Primary operator — Kali Linux, Boto3 S3 enum", "incident": "attacker"},
      {"value": "209.159.147.239", "type": "ip", "note": "TruffleHog validation — hosts nsa.cat, MinIO", "incident": "attacker"},
      {"value": "154.47.29.12", "type": "ip", "note": "Org recon — Windows 11, Datacamp VPN Croatia", "incident": "attacker"},
      {"value": "103.75.11.59", "type": "ip", "note": "Re-check — macOS ARM, Host Universal VPN NZ", "incident": "attacker"},
      {"value": "nsa.cat", "type": "domain", "note": "Attacker VPS — nginx, MinIO, open directory", "incident": "attacker"},
      {"value": "105.245.181.120", "type": "ip", "note": "TruffleHog validation — Vodacom", "source": "Wiz", "incident": "attacker"},
      {"value": "138.199.15.172", "type": "ip", "note": "GitHub exfil, AWS recon — Mullvad VPN", "source": "Wiz", "incident": "attacker"},
      {"value": "163.245.223.12", "type": "ip", "note": "GitHub exfil — Interserver", "source": "Wiz", "incident": "attacker"},
      {"value": "185.77.218.4", "type": "ip", "note": "TruffleHog validation — Crea Nova", "source": "Wiz", "incident": "attacker"},
      {"value": "193.32.126.157", "type": "ip", "note": "GitHub exfil — Mullvad VPN", "source": "Wiz", "incident": "attacker"},
      {"value": "23.234.107.104", "type": "ip", "note": "TruffleHog validation — Tzulo", "source": "Wiz", "incident": "attacker"},
      {"value": "34.205.27.48", "type": "ip", "note": "TruffleHog validation — Amazon AWS", "source": "Wiz", "incident": "attacker"}
    ],
    "staging_server": [
      {"value": "43.228.157.123", "type": "ip", "note": "Open directory malware staging — AS205759 Ghosty Networks SG", "source": "LloydLabs", "incident": "attacker"},
      {"value": "43.228.157.123/MidwestGrey.exe", "type": "url", "note": "Windows PE dropper (Mar 25)", "source": "LloydLabs", "incident": "attacker"},
      {"value": "43.228.157.123/kfhogts", "type": "url", "note": "Python trojan bundle (Mar 13)", "source": "LloydLabs", "incident": "attacker"},
      {"value": "43.228.157.123/oqqqqoa.mp3", "type": "url", "note": "Audio steganography payload", "source": "LloydLabs", "incident": "attacker"}
    ],
    "april_c2": [
      {"value": "94.154.172.43", "type": "ip", "note": "audit.checkmarx.cx — shared KICS/Bitwarden C2", "incident": ["kics-docker", "bitwarden"]},
      {"value": "audit.checkmarx.cx", "type": "domain", "note": "KICS telemetry exfil endpoint", "incident": ["kics-docker", "bitwarden"]},
      {"value": "whereisitat.lucyatemysuperbox.space", "type": "domain", "note": "xinference exfil (disputed)", "incident": "xinference"},
      {"value": "zero.masscan.cloud", "type": "domain", "note": "Mini Shai Hulud primary exfil", "incident": "mini-shai-hulud"}
    ],
    "mini_shai_hulud_2_c2": [
      {"value": "git-tanstack.com", "type": "domain", "note": "typosquat C2", "incident": "mini-shai-hulud-2"},
      {"value": "83.142.209.194", "type": "ip", "note": "TanStack C2 / payload host", "incident": "mini-shai-hulud-2"},
      {"value": "83.142.209.194/transformers.pyz", "type": "url", "note": "PyPI mistralai payload download", "incident": "mini-shai-hulud-2"},
      {"value": "api.masscan.cloud", "type": "domain", "note": "C2 (Mistral advisory)", "incident": "mini-shai-hulud-2"},
      {"value": "seed1.getsession.org", "type": "domain", "note": "Session network node (legitimate public infrastructure — correlate, do not block)", "incident": "mini-shai-hulud-2"},
      {"value": "seed2.getsession.org", "type": "domain", "note": "Session network node (legitimate public infrastructure — correlate, do not block)", "incident": "mini-shai-hulud-2"},
      {"value": "seed3.getsession.org", "type": "domain", "note": "Session network node (legitimate public infrastructure — correlate, do not block)", "incident": "mini-shai-hulud-2"},
      {"value": "filev2.getsession.org", "type": "domain", "note": "Session network node (legitimate public infrastructure — correlate, do not block)", "incident": "mini-shai-hulud-2"},
      {"value": "05f9e609d79eed391015e11380dee4b5c9ead0b6e2e7f0134e6e51767a87323026", "type": "session_id", "note": "Session recipient ID", "incident": "mini-shai-hulud-2"}
    ],
    "durabletask_c2": [
      {"value": "check.git-service.com", "type": "domain", "note": "primary C2", "incident": "durabletask"},
      {"value": "t.m-kosche.com", "type": "domain", "note": "shared TeamPCP C2", "incident": ["durabletask", "antv"]},
      {"value": "83.142.209.194", "type": "ip", "note": "legacy payload host", "incident": ["durabletask", "mini-shai-hulud-2"]}
    ],
    "antv_c2": [
      {"value": "t.m-kosche.com", "type": "domain", "note": "primary exfil C2", "incident": "antv"},
      {"value": "185.95.159.32", "type": "ip", "note": "t.m-kosche.com resolved IP", "incident": "antv"},
      {"value": "t.m-kosche.com:443/api/public/otel/v1/traces", "type": "url", "note": "exfil endpoint (disguised as OpenTelemetry)", "incident": "antv"},
      {"value": "api.github.com/search/commits?q=firedalazer", "type": "url", "note": "dead-drop C2 trigger (match on the full URL/query string; api.github.com itself is legitimate, do not block the host)", "incident": "antv"},
      {"value": "fulcio.sigstore.dev/api/v2/signingCert", "type": "url", "note": "Sigstore Fulcio signing-cert endpoint abused (reported as OIDC token forging) — legitimate public infrastructure; hunt on unexpected callers, do not block", "incident": "antv"},
      {"value": "rekor.sigstore.dev/api/v1/log/entries", "type": "url", "note": "Sigstore Rekor log-entries endpoint abused — legitimate public infrastructure; hunt on unexpected callers, do not block", "incident": "antv"}
    ]
  },
  "hashes": {
    "litellm_packages": [
      {"value": "8395c3268d5c5dbae1c7c6d4bb3c318c752ba4608cfcd90eb97ffb94a910eac2", "note": "litellm-1.82.7.whl", "incident": "litellm"},
      {"value": "d2a0d5f564628773b6af7b9c11f6b86531a875bd2d186d7081ab62748a800ebb", "note": "litellm-1.82.8.whl", "incident": "litellm"},
      {"value": "8a2a05fd8bdc329c8a86d2d08229d167500c01ecad06e40477c49fb0096efdea", "note": "litellm-1.82.7.tar.gz", "incident": "litellm"},
      {"value": "d39f4e7a218053cce976c91eacf184cf09a6960c731cc9d66d8e1a53406593a5", "note": "litellm-1.82.8.tar.gz", "incident": "litellm"}
    ],
    "litellm_malware": [
      {"value": "a0d229be8efcb2f9135e2ad55ba275b76ddcfeb55fa4370e0a522a5bdee0120b", "note": "proxy_server.py", "incident": "litellm"},
      {"value": "71e35aef03099cd1f2d6446734273025a163597de93912df321ef118bf135238", "note": "litellm_init.pth", "incident": "litellm"},
      {"value": "6cf223aea68b0e8031ff68251e30b6017a0513fe152e235c26f248ba1e15c92a", "note": "sysmon.py (persistence)", "source": "Hexastrike (confirmed)", "incident": ["litellm", "telnyx"]}
    ],
    "trivy_binaries": [
      {"value": "822dd269ec10459572dfaaefe163dae693c344249a0161953f0d5cdd110bd2a0", "note": "Linux-64bit", "incident": "trivy"},
      {"value": "f7084b0229dce605ccc5506b14acd4d954a496da4b6134a294844ca8d601970d", "note": "Linux-32bit", "incident": "trivy"},
      {"value": "bef7e2c5a92c4fa4af17791efc1e46311c0f304796f1172fce192f5efc40f5d7", "note": "Linux-ARM", "incident": "trivy"},
      {"value": "e64e152afe2c722d750f10259626f357cdea40420c5eedae37969fbf13abbecf", "note": "Linux-ARM64", "incident": "trivy"},
      {"value": "ecce7ae5ffc9f57bb70efd3ea136a2923f701334a8cd47d4fbf01a97fd22859c", "note": "Linux-PPC64LE", "incident": "trivy"},
      {"value": "d5edd791021b966fb6af0ace09319ace7b97d6642363ef27b3d5056ca654a94c", "note": "Linux-s390x", "incident": "trivy"},
      {"value": "e6310d8a003d7ac101a6b1cd39ff6c6a88ee454b767c1bdce143e04bc1113243", "note": "macOS-64bit", "incident": "trivy"},
      {"value": "6328a34b26a63423b555a61f89a6a0525a534e9c88584c815d937910f1ddd538", "note": "macOS-ARM64", "incident": "trivy"},
      {"value": "0880819ef821cff918960a39c1c1aada55a5593c61c608ea9215da858a86e349", "note": "Windows-64bit", "incident": "trivy"},
      {"value": "887e1f5b5b50162a60bd03b66269e0ae545d0aef0583c1c5b00972152ad7e073", "note": "FreeBSD-64bit", "incident": "trivy"}
    ],
    "trivy_action_malware": [
      {"value": "18a24f83e807479438dcab7a1804c51a00dafc1d526698a66e0640d1e5dd671a", "note": "entrypoint.sh (malicious)", "incident": "trivy"}
    ],
    "kics_openvsx": [
      {"value": "527f795a201a6bc114394c4cfd1c74dce97381989f51a4661aafbc93a4439e90", "note": "environmentAuthChecker.js", "incident": "checkmarx"},
      {"value": "65bd72fcddaf938cefdf55b3323ad29f649a65d4ddd6aea09afa974dfc7f105d", "note": "ast-results@2.53.0", "incident": "checkmarx"},
      {"value": "744c9d61b66bcd2bb5474d9afeee6c00bb7e0cd32535781da188b80eb59383e0", "note": "cx-dev-assist@1.7.0", "incident": "checkmarx"},
      {"value": "0d66d8c7e02574ff0d3443de0585af19c903d12466d88573ed82ec788655975c", "note": "checkmarx-util@1.0.4", "incident": "checkmarx"}
    ],
    "checkmarx_jenkins_may9": [
      {"value": "85487e68fc46fe3faec2617ac4f2ee5d", "type": "md5", "note": "checkmarx-ast-scanner.hpi v2026.5.09 (malicious)", "incident": "checkmarx-jenkins"},
      {"value": "1ac56ecda9a255c23eabd70c276905a0", "type": "md5", "note": "checkmarx-ast-scanner.jar (injected)", "incident": "checkmarx-jenkins"},
      {"value": "9f9f83795fc162b7e44bc6859fc80535", "type": "md5", "note": "cli.js credential stealer", "incident": "checkmarx-jenkins"},
      {"value": "HeyEveryoneCheckmarxIsNotGonnaMakeIt", "type": "string", "note": "Commit message prefix for exfiltration", "incident": "checkmarx-jenkins"},
      {"value": "/tmp/tmp.checkmarx_tracker.lock", "type": "filepath", "note": "Lock file (active infection indicator)", "incident": "checkmarx-jenkins"},
      {"value": "~/hugs_from_teamPCP.txt", "type": "filepath", "note": "Goodbye message written on exception", "incident": "checkmarx-jenkins"}
    ],
    "telnyx_packages": [
      {"value": "7321caa303fe96ded0492c747d2f353c4f7d17185656fe292ab0a59e2bd0b8d9", "note": "telnyx-4.87.1.whl", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "f66c1ea3b25ec95d0c6a07be92c761551e543a7b256f9c78a2ff781c77df7093", "note": "telnyx-4.87.1.tar.gz", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "cd08115806662469bbedec4b03f8427b97c8a4b3bc1442dc18b72b4e19395fe3", "note": "telnyx-4.87.2.whl", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "a9235c0eb74a8e92e5a0150e055ee9dcdc6252a07785b6677a9ca831157833a5", "note": "telnyx-4.87.2.tar.gz", "source": "Hexastrike", "incident": "telnyx"}
    ],
    "telnyx_malware": [
      {"value": "23b1ec58649170650110ecad96e5a9490d98146e105226a16d898fbe108139e5", "note": "_client.py v4.87.1", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "ab4c4aebb52027bf3d2f6b2dcef593a1a2cff415774ea4711f7d6e0aa1451d4e", "note": "_client.py v4.87.2", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "84edce66f09c55bbb44754411bde4b092288d172734df62fac20d6f794b3a2ec", "note": "Linux Stage 2 loader (base64 decoded)", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "5ce544a8db5d0b0953c966384858e4e8a017e7acba2f5f6d0ac8f529d59939d8", "note": "Stage 3 credential harvester", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "196b5e0e06424a02e360e28e08d7dcfab7ec8946af9477ca352c6cf6b7d4e9bd", "note": "Inner PE RAT (extracted)", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "e6912e3ec58120bf63edf2e4be6ff2f092c40cfbc655a12f4a463b2ef98d368e", "note": "Embedded PNG steganography", "source": "Hexastrike", "incident": "telnyx"},
      {"value": "e4e3b176c1255666024d90392e09466a23bf6e8740bf589c6d1ccf2dfff451a4", "note": "Reflective PE loader shellcode", "source": "Hexastrike", "incident": "telnyx"}
    ],
    "canisterworm_malware": [
      {"value": "e9b1e069efc778c1e77fb3f5fcc3bd3580bbc810604cbf4347897ddb4b8c163b", "note": "index.js variant", "incident": "canisterworm"},
      {"value": "61ff00a81b19624adaad425b9129ba2f312f4ab76fb5ddc2c628a5037d31a4ba", "note": "index.js variant", "incident": "canisterworm"},
      {"value": "0c0d206d5e68c0cf64d57ffa8bc5b1dad54f2dda52f24e96e02e237498cb9c3a", "note": "index.js variant", "incident": "canisterworm"},
      {"value": "c37c0ae9641d2e5329fcdee847a756bf1140fdb7f0b7c78a40fdc39055e7d926", "note": "index.js variant", "incident": "canisterworm"},
      {"value": "f398f06eefcd3558c38820a397e3193856e4e6e7c67f81ecc8e533275284b152", "note": "deploy.js variant", "incident": "canisterworm"},
      {"value": "7df6cef7ab9aae2ea08f2f872f6456b5d51d896ddda907a238cd6668ccdc4bb7", "note": "deploy.js variant", "incident": "canisterworm"},
      {"value": "5e2ba7c4c53fa6e0cef58011acdd50682cf83fb7b989712d2fcf1b5173bad956", "note": "deploy.js variant", "incident": "canisterworm"}
    ],
    "staging_server_malware": [
      {"value": "81eda518ff6ebb25e6aa8d626b78cd2eb6cb38b5d7efb34e021289e76993414b", "note": "MidwestGrey.exe (Windows PE dropper)", "source": "LloydLabs", "incident": "attacker"},
      {"value": "ea47cebe2fbbf06c22b9bd9b9d72dd4fe64aed4e68675aa5e693312a773e09e9", "note": "kfhogts (Python trojan bundle)", "source": "LloydLabs", "incident": "attacker"}
    ],
    "windows_payload": [
      {"value": "7290353a3bc2b18e9ea574d3294b09e28edaa6b038285bb101cf09760f187dcd", "note": "msbuild.exe (outer PE)", "source": "HackingLZ", "incident": "telnyx"},
      {"value": "dafc1cc5d39bc303562d8587b698b6351e843b77c01764efa8b423a36b88fa6d", "note": "file.dll (AdaptixC2 beacon)", "source": "HackingLZ", "incident": "telnyx"},
      {"value": "7e270255567866d37ad56e3f06977b695e39530eede74a10a0848ba71560cb45", "note": "embedded PNG (stego)", "source": "HackingLZ", "incident": "telnyx"},
      {"value": "b92bd082bbd7d238089b2bb87d9cbf01be1bf8ab7213b67e9d27108e052ef75c", "note": "shellcode (loader + DLL)", "source": "HackingLZ", "incident": "telnyx"},
      {"value": "26b689749bc57991cbae2aab8ab6cf5acab6c64db4829ba2b1ced6c60d99a7a8", "note": "reflective loader stub", "source": "HackingLZ", "incident": "telnyx"}
    ],
    "certificates": [
      {"value": "30015dd1e2cf4dbd49fff9ddef2ad4622da2e60e5c0b6228595325532e948f14", "note": "Self-signed certificate", "source": "Unit42", "incident": "attacker"},
      {"value": "41c4f2f37c0b257d1e20fe167f2098da9d2e0a939b09ed3f63bc4fe010f8365c", "note": "Self-signed certificate", "source": "Unit42", "incident": "attacker"},
      {"value": "d8caf4581c9f0000c7568d78fb7d2e595ab36134e2346297d78615942cbbd727", "note": "Self-signed certificate", "source": "Unit42", "incident": "attacker"}
    ],
    "kics_docker_april": [
      {"value": "24680027afadea90c7c713821e214b15cb6c922e67ac01109fb1edb3ee4741d9", "note": "mcpAddon.js", "source": "Socket", "incident": "kics-docker"},
      {"value": "2a6a35f06118ff7d61bfd36a5788557b695095e7c9a609b4a01956883f146f50", "note": "kics ELF binary", "source": "Socket", "incident": "kics-docker"}
    ],
    "kics_docker_digests": [
      {"value": "sha256:2588a44890263a8185bd5d9fadb6bc9220b60245dbcbc4da35e1b62a6f8c230d", "note": "Alpine index manifest", "source": "Docker", "incident": "kics-docker"},
      {"value": "sha256:222e6bfed0f3bb1937bf5e719a2342871ccd683ff1c0cb967c8e31ea58beaf7b", "note": "Debian index manifest", "source": "Docker", "incident": "kics-docker"},
      {"value": "sha256:a0d9366f6f0166dcbf92fcdc98e1a03d2e6210e8d7e8573f74d50849130651a0", "note": "Latest index manifest", "source": "Docker", "incident": "kics-docker"}
    ],
    "bitwarden_cli": [
      {"value": "18f784b3bc9a0bcdcb1a8d7f51bc5f54323fc40cbd874119354ab609bef6e4cb", "note": "bw1.js (11.7 MB payload)", "source": "N3mes1s", "incident": "bitwarden"},
      {"value": "f35475829991b303c5efc2ee0f343dd38f8614e8b5e69db683923135f85cf60d", "note": "bw_setup.js (loader)", "source": "N3mes1s", "incident": "bitwarden"},
      {"value": "8605e365edf11160aad517c7d79a3b26b62290e5072ef97b102a01ddbb343f14", "note": "second-stage payload", "source": "JFrog", "incident": "bitwarden"},
      {"value": "167ce57ef59a32a6a0ef4137785828077879092d7f83ddbc1755d6e69116e0ad", "note": "package.json root metadata", "source": "JFrog", "incident": "bitwarden"}
    ],
    "mini_shai_hulud_dropper": [
      {"value": "4066781fa830224c8bbcc3aa005a396657f9c8f9016f9a64ad44a9d7f5f45e34", "note": "setup.mjs (shared dropper)", "source": "Socket", "incident": "mini-shai-hulud"}
    ],
    "mini_shai_hulud_sap": [
      {"value": "eb6eb4154b03ec73218727dc643d26f4e14dfda2438112926bb5daf37ae8bcdb", "note": "execution.js (@cap-js/postgres)", "source": "Socket", "incident": "mini-shai-hulud"},
      {"value": "1d9e4ece8e13c8eaf94cb858470d1bd8f81bb58f62583552303774fa1579edee", "note": "@cap-js/postgres-2.2.2.tgz", "source": "Wiz", "incident": "mini-shai-hulud"},
      {"value": "6f933d00b7d05678eb43c90963a80b8947c4ae6830182f89df31da9f568fea95", "note": "execution.js (@cap-js/sqlite)", "source": "Aikido", "incident": "mini-shai-hulud"},
      {"value": "a1da198bb4e883d077a0e13351bf2c3acdea10497152292e873d79d4f7420211", "note": "@cap-js/sqlite-2.2.2.tgz", "source": "Wiz", "incident": "mini-shai-hulud"},
      {"value": "258257560fe2f1c2cc3924eae40718c829085b52ae3436b4e46d2565f6996271", "note": "@cap-js/db-service-2.10.1.tgz", "source": "Wiz", "incident": "mini-shai-hulud"},
      {"value": "80a3d2877813968ef847ae73b5eeeb70b9435254e74d7f07d8cf4057f0a710ac", "note": "execution.js (mbt)", "source": "Socket", "incident": "mini-shai-hulud"},
      {"value": "86282ebcd3bebf50f087f2c6b00c62caa667cdcb53558033d85acd39e3d88b41", "note": "mbt-1.2.48.tgz", "source": "Wiz", "incident": "mini-shai-hulud"},
      {"value": "29ac906c8bd801dfe1cb39596197df49f80fff2270b3e7fbab52278c24e4f1a7", "note": "memory dumper (Runner.Worker)", "source": "Aikido", "incident": "mini-shai-hulud"}
    ],
    "mini_shai_hulud_intercom": [
      {"value": "50212a875643520353df158196b9b3be4595094125ad8d2d2c48bdd9cb04ce1f", "note": "router_runtime.js (intercom-php)", "source": "Socket", "incident": "mini-shai-hulud"},
      {"value": "832a976d1a8d54e296e8479aedbd89fa24baa02b8409a78bf06d4d03340881bd", "note": "setup-intercom.sh", "source": "Socket", "incident": "mini-shai-hulud"},
      {"value": "b084743bd16043461e68b604dde80a8b386b405eae6f66c1103fb4fd6831d4a7", "note": "composerPlugin.php", "source": "Socket", "incident": "mini-shai-hulud"},
      {"value": "66664a49edbcee0ed0d8365839707916e92d3aa06e7f26f33c9dcc58e5fc1ef3", "note": "intercom-intercom-php-5.0.2.zip", "source": "Socket", "incident": "mini-shai-hulud"},
      {"value": "907aec5b1288057a3e0885226918b6930a62a0f348ce23de026a683238c7903e", "note": "composer.json (intercom-php)", "source": "Socket", "incident": "mini-shai-hulud"}
    ],
    "mini_shai_hulud_lightning": [
      {"value": "5f5852b5f604369945118937b058e49064612ac69826e0adadca39a357dfb5b1", "note": "router_runtime.js (lightning 2.6.2/2.6.3)", "source": "Lightning.ai", "incident": "mini-shai-hulud"},
      {"value": "8046a11187c135da6959862ff3846e99ad15462d2ec8a2f77a30ad53ebd5dcf2", "note": "start.py (loader)", "source": "Lightning.ai", "incident": "mini-shai-hulud"}
    ],
    "mini_shai_hulud_persistence": [
      {"value": "14eb4ce01dd4307759887ff819359b70d7d9ff709ecde039a5abc1aac325b128", "note": ".claude/settings.json (SessionStart hook)", "source": "Wiz", "incident": "mini-shai-hulud"},
      {"value": "927387d0cfac1118df4b383decc2ea6ba49c9d2f98b47098bcbcba1efc026e1f", "note": ".vscode/tasks.json (folderOpen task)", "source": "Wiz", "incident": "mini-shai-hulud"}
    ],
    "xinference_packages": [
      {"value": "9d5bf42dedbefee145b9b3704d26b54668fd856f990299ec64f6b45b18e3f0bf", "note": "xinference-2.6.0-py3-none-any.whl", "incident": "xinference"},
      {"value": "96938e023f9ab0e963201522729a77e826b7bf336b1e5c972be76f8438ea4c1b", "note": "xinference-2.6.1-py3-none-any.whl", "incident": "xinference"},
      {"value": "06c88b286610e397ad22b8453b75ebf1e7bfe3b22c558577e17c39f21ef78a9c", "note": "xinference-2.6.2-py3-none-any.whl", "incident": "xinference"}
    ],
    "mini_shai_hulud_2_malware": [
      {"value": "ab4fcadaec49c03278063dd269ea5eef82d24f2124a8e15d7b90f2fa8601266c", "note": "router_init.js (2,341,681 bytes)", "incident": "mini-shai-hulud-2"},
      {"value": "2ec78d556d696e208927cc503d48e4b5eb56b31abc2870c2ed2e98d6be27fc96", "note": "router_init.js (2,339,346 bytes)", "incident": "mini-shai-hulud-2"},
      {"value": "2258284d65f63829bd67eaba01ef6f1ada2f593f9bbe41678b2df360bd90d3df", "note": "setup.mjs (5,047 bytes)", "incident": "mini-shai-hulud-2"},
      {"value": "7c12d8614c624c70d6dd6fc2ee289332474abaa38f70ebe2cdef064923ca3a9b", "note": "@tanstack/setup malicious package", "source": "Mistral", "incident": "mini-shai-hulud-2"}
    ],
    "mini_shai_hulud_2_persistence": [
      {"value": "src/mistralai/client/__init__.py", "type": "filepath", "note": "PyPI injection point", "incident": "mini-shai-hulud-2"},
      {"value": "/tmp/transformers.pyz", "type": "filepath", "note": "downloaded payload path", "incident": "mini-shai-hulud-2"},
      {"value": "MISTRAL_INIT=1", "type": "envvar", "note": "execution guard", "incident": "mini-shai-hulud-2"}
    ],
    "antv_vscode": [
      {"value": "1a4afce34918bdc74ae3f31edaffffaa0ee074d83618f53edfd88137927340b8", "note": "nrwl.angular-console@18.95.0 VSIX", "source": "StepSecurity", "incident": "antv"},
      {"value": "b0cefb66b953e5184b6adb3035e9e267335ac5eabfe1848e07834777b9397b74", "note": "malicious main.js", "source": "StepSecurity", "incident": "antv"},
      {"value": "e7347d90653efc565f03733a95e9209d78f9cfa81e31ff2b2dd9d48d75a4b8b1", "note": "obfuscated payload (index.js)", "source": "StepSecurity", "incident": "antv"},
      {"value": "43f2b001846c4966073ebffa5be8f15e491a1e7d32bbd805d57406ff540e0dd9", "note": "dropper package.json", "source": "StepSecurity", "incident": "antv"},
      {"value": "228a2cf081d4cbea9b91cde14a8f9c4a4d003e7f32431496953fd6bac266f5a3", "note": "clean v18.94.0 (benign reference hash — not an IOC, do not block)", "source": "StepSecurity", "incident": "antv"},
      {"value": "cb86f4f223daa54467c7782a0d8607e9c84e2bb633e6f0e51d9a19579e200990", "note": "remediated v18.100.0 (benign reference hash — not an IOC, do not block)", "source": "StepSecurity", "incident": "antv"}
    ],
    "antv_backdoor": [
      {"value": "fb5c97557230a27460fdab01fafcfabeaa49590bafd5b6ef30501aa9e0a51142", "note": "~/.local/share/kitty/cat.py (SHA-256)", "source": "Wiz", "incident": "antv"},
      {"value": "783b4019fc5b942a29846132d28441c8fc31bed8", "type": "sha1", "note": "~/.local/share/kitty/cat.py", "source": "Wiz", "incident": "antv"},
      {"value": "b06b126b9e26af03a7ef2f8b8e90d446", "type": "md5", "note": "~/.local/share/kitty/cat.py", "source": "Wiz", "incident": "antv"}
    ],
    "antv_npm_payload": [
      {"value": "a68dd1e6a6e35ec3771e1f94fe796f55dfe65a2b94560516ff4ac189390dfa1c", "note": "index.js payload (486-498KB obfuscated Bun bundle)", "source": "SafeDep", "incident": "antv"}
    ],
    "durabletask_packages": [
      {"value": "7d80b3ef74ad7992b93c31966962612e4e2ceb93e7727cdbd1d2a9af47d44ba8", "note": "durabletask-1.4.1", "source": "Wiz", "incident": "durabletask"},
      {"value": "aeaf583e20347bf850e2fabdcd6f4982996ba023f8c2cd56bbd299cfd56516f5", "note": "durabletask-1.4.2", "source": "Wiz", "incident": "durabletask"},
      {"value": "877ff2531a63393c4cb9c3c86908b62d9c4fc3db971bc231c48537faae6cb3ec", "note": "durabletask-1.4.3", "source": "Wiz", "incident": "durabletask"}
    ],
    "durabletask_malware": [
      {"value": "069ac1dc7f7649b76bc72a11ac700f373804bfd81dab7e561157b703999f44ce", "note": "rope.pyz payload", "source": "Wiz", "incident": "durabletask"}
    ]
  },
  "github": {
    "imposter_commits": [
      {"value": "actions/checkout @ 70379aad", "url": "https://github.com/actions/checkout/commit/70379aad1a8b40919ce8b382d3cd7d0315cde1d0", "note": "→ rauchg", "incident": "trivy"},
      {"value": "aquasecurity/trivy @ 1885610c", "url": "https://github.com/aquasecurity/trivy/commit/1885610c6a34811c8296416ae69f568002ef11ec", "note": "→ DmitriyLewen", "incident": "trivy"},
      {"value": "aquasecurity/trivy-action @ ddb9da44", "url": "https://github.com/aquasecurity/trivy-action/commit/ddb9da4475c1cef7d5389062bdfdfbdbd1394648", "incident": "trivy"}
    ],
    "lateral_movement": [
      {"value": "aquasecurity/tfsec @ a67fd5b5", "url": "https://github.com/aquasecurity/tfsec/commit/a67fd5b5b119", "incident": "trivy"},
      {"value": "aquasecurity/traceeshark @ 56591dfe", "url": "https://github.com/aquasecurity/traceeshark/commit/56591dfe113b", "incident": "trivy"},
      {"value": "aquasecurity/trivy-action @ 93ed4111", "url": "https://github.com/aquasecurity/trivy-action/commit/93ed41111017c3767fafc7d9cc8711f3be1a661f", "incident": "trivy"},
      {"value": "aquasecurity/setup-trivy @ 8afa9b9f", "url": "https://github.com/aquasecurity/setup-trivy/commit/8afa9b9f9183b4e00c46e2b82d34047e3c177bd0", "note": "→ thara", "incident": "trivy"}
    ],
    "checkmarx_actions": [
      {"value": "Checkmarx/kics-github-action @ 121c38f", "url": "https://github.com/Checkmarx/kics-github-action/commit/121c38f", "incident": "checkmarx"},
      {"value": "Checkmarx/ast-github-action @ aa52a82c", "url": "https://github.com/Checkmarx/ast-github-action/commit/aa52a82cddf2fa5ad54a519a0a56fd430264dbbe", "feedback": "Tunahan TEKEOĞLU", "incident": "checkmarx"},
      {"value": "Checkmarx/kics @ 22769adb", "url": "https://github.com/Checkmarx/kics/commit/22769adb159bb5954adea5074e9763e8376201b3", "note": "Gato-X secrets exfil workflow", "incident": "kics-docker"},
      {"value": "Checkmarx/ast-github-action PR#307", "url": "https://github.com/Checkmarx/ast-github-action/pull/307", "note": "curl audit.checkmarx.cx pipe injection", "incident": "kics-docker"}
    ],
    "litellm_exfil": [
      {"value": "BerriAI/litellm @ fcaa823d", "url": "https://github.com/BerriAI/litellm/commit/fcaa823de07878d0d98e97f6f5552c0e2ac00d2f", "note": "test.yml", "incident": "litellm"},
      {"value": "BerriAI/litellm-skills @ 81c851cc", "url": "https://github.com/BerriAI/litellm-skills/commit/81c851cc00313c44effd421712523f294b18391e", "note": "test.yml", "incident": "litellm"}
    ],
    "tanstack_attack": [
      {"value": "zblgg/configuration", "url": "https://github.com/zblgg/configuration", "note": "renamed fork of TanStack/router", "incident": "mini-shai-hulud-2"},
      {"value": "79ac49eedf774dd4b0cfa308722bc463cfe5885c", "note": "malicious commit hash", "incident": "mini-shai-hulud-2"}
    ],
    "compromised_accounts": [
      {"value": "aqua-bot", "note": "ID: 54269356 — Trivy", "incident": "trivy"},
      {"value": "Argon-DevOps-Mgt", "note": "ID: 139343333 — aquasec-com defacement", "incident": "trivy"},
      {"value": "cx-plugins-releases", "note": "ID: 225848595 — KICS", "incident": "checkmarx"},
      {"value": "octocommit", "note": "ID: 266895321 — f.k.a. DarkSeek3r, renamed Mar 10", "incident": "trivy"},
      {"value": "ast-phoenix", "note": "OpenVSX publisher", "incident": "checkmarx"},
      {"value": "aDrupont4191", "note": "Bitwarden CLI attack — deleted", "incident": "bitwarden"},
      {"value": "XprobeBot", "note": "PyPI bot account — xinference (disputed)", "incident": "xinference"},
      {"value": "zblgg", "note": "TanStack attack fork account", "incident": "mini-shai-hulud-2"},
      {"value": "atool", "note": "npm maintainer account — AntV", "incident": "antv"}
    ],
    "antv_imposter_commits": [
      {"value": "antvis/G2 @ 1916faa365f2788b6e193514872d51a242876569", "url": "https://github.com/antvis/G2/commit/1916faa365f2788b6e193514872d51a242876569", "note": "orphan commit (626 versions)", "incident": "antv"},
      {"value": "antvis/G2 @ 7cb42f57561c321ecb09b4552802ae0ac55b3a7a", "url": "https://github.com/antvis/G2/commit/7cb42f57561c321ecb09b4552802ae0ac55b3a7a", "note": "orphan commit (2 versions)", "incident": "antv"},
      {"value": "antvis/G2 @ dc3d62a2181beb9f326952a2d212900c94f2e13d", "url": "https://github.com/antvis/G2/commit/dc3d62a2181beb9f326952a2d212900c94f2e13d", "note": "orphan commit (1 version, garbage-collected)", "incident": "antv"}
    ],
    "antv_vscode_commits": [
      {"value": "558b09d7ad0d1660e2a0fb8a06da81a6f42e06d2", "note": "Nx Console orphan commit", "incident": "antv"},
      {"value": "ba642fe2c7c65e42dd7f6444b83023dc6827e08c", "note": "commit tree", "incident": "antv"},
      {"value": "acfc3f957a63b4cde93ff645f2b6bf26a8ed1bbf", "note": "index.js blob", "incident": "antv"},
      {"value": "9d88f040c44b5f4d5f9db15ff89310776c168e99", "note": "package.json blob", "incident": "antv"}
    ],
    "antv_actions": [
      {"value": "actions-cool/issues-helper", "note": "53 tags compromised (19:10:24-19:13:40 UTC)", "incident": "antv"},
      {"value": "actions-cool/maintain-one-comment", "note": "15 tags compromised (19:30:30-19:31:09 UTC)", "incident": "antv"},
      {"value": "1c9e803c80cc7fed000022d4c94f4b5bc2e90062", "note": "issues-helper v3.8.0 malicious commit", "incident": "antv"},
      {"value": "f0448c62fc57b8a5ce23d8acd6e795cdd76a3b6c", "note": "issues-helper v3.7.6 malicious commit", "incident": "antv"},
      {"value": "b9c83f01929e190cda300e76f688bf7ea7e37a7a", "note": "issues-helper v3.0.0 malicious commit", "incident": "antv"}
    ],
    "container_images": [
      {"value": "ghcr.io/aquasecurity/trivy:0.69.4", "note": "~3hr exposure", "incident": "trivy"},
      {"value": "docker.io/aquasec/trivy:0.69.4", "note": "~3hr exposure", "incident": "trivy"},
      {"value": "public.ecr.aws/aquasecurity/trivy:0.69.4", "note": "~3hr exposure", "incident": "trivy"},
      {"value": "docker.io/aquasec/trivy:0.69.5", "note": "Mar 22", "incident": "trivy"},
      {"value": "sha256:f69a8a4180c43fc427532ddde34a256acbd041a0a07844cf7e4d3e0434e5bcd1", "note": "aquasec/trivy:0.69.5 image digest", "incident": "trivy"},
      {"value": "docker.io/aquasec/trivy:0.69.6", "note": "Mar 22", "incident": "trivy"},
      {"value": "sha256:dd8beb3b40df080b3fd7f9a0f5a1b02f3692f65c68980f46da8328ce8bb788ef", "note": "aquasec/trivy:0.69.6 image digest", "incident": "trivy"},
      {"value": "docker.io/checkmarx/kics:latest", "note": "Apr 22 ~1.5hr exposure", "incident": "kics-docker"},
      {"value": "docker.io/checkmarx/kics:v2.1.20", "note": "Apr 22 overwritten", "incident": "kics-docker"},
      {"value": "docker.io/checkmarx/kics:v2.1.21", "note": "Apr 22 new malicious tag", "incident": "kics-docker"},
      {"value": "docker.io/checkmarx/kics:alpine", "note": "Apr 22 overwritten", "incident": "kics-docker"},
      {"value": "docker.io/checkmarx/kics:debian", "note": "Apr 22 overwritten", "incident": "kics-docker"}
    ],
    "pypi_packages": [
      {"value": "litellm==1.82.7", "note": "quarantined", "incident": "litellm"},
      {"value": "litellm==1.82.8", "note": "quarantined", "incident": "litellm"},
      {"value": "telnyx==4.87.1", "note": "malicious (Win bug)", "incident": "telnyx"},
      {"value": "telnyx==4.87.2", "note": "malicious", "incident": "telnyx"},
      {"value": "xinference==2.6.0", "note": "disputed TeamPCP attribution", "incident": "xinference"},
      {"value": "xinference==2.6.1", "note": "disputed TeamPCP attribution", "incident": "xinference"},
      {"value": "xinference==2.6.2", "note": "disputed TeamPCP attribution", "incident": "xinference"},
      {"value": "lightning==2.6.2", "note": "PyTorch Lightning", "incident": "mini-shai-hulud"},
      {"value": "lightning==2.6.3", "note": "PyTorch Lightning", "incident": "mini-shai-hulud"},
      {"value": "guardrails-ai==0.10.1", "note": "Guardrails AI", "incident": ["mini-shai-hulud-2", "durabletask"]},
      {"value": "durabletask==1.4.1", "note": "Microsoft DurableTask SDK", "incident": "durabletask"},
      {"value": "durabletask==1.4.2", "note": "Microsoft DurableTask SDK", "incident": "durabletask"},
      {"value": "durabletask==1.4.3", "note": "Microsoft DurableTask SDK", "incident": "durabletask"},
      {"value": "mistralai==2.4.6", "note": "Mistral AI Python client", "incident": "mini-shai-hulud-2"}
    ],
    "npm_packages": [
      {"value": "@EmilGroup/*", "note": "28 packages compromised", "incident": "canisterworm"},
      {"value": "@opengov/*", "note": "16 packages compromised", "incident": "canisterworm"},
      {"value": "@teale.io/eslint-config@1.8.11", "note": "self-propagating variant", "incident": "canisterworm"},
      {"value": "@teale.io/eslint-config@1.8.12", "note": "self-propagating variant", "incident": "canisterworm"},
      {"value": "@airtm/uuid-base32", "note": "compromised", "incident": "canisterworm"},
      {"value": "@pypestream/floating-ui-dom", "note": "compromised", "incident": "canisterworm"},
      {"value": "@bitwarden/cli@2026.4.0", "note": "cascading from KICS Docker", "incident": "bitwarden"},
      {"value": "pgserve@1.1.11-1.1.14", "note": "CanisterSprawl worm (Apr 21-22)", "incident": "canistersprawl"},
      {"value": "@automagik/genie@4.260421.33-40", "note": "CanisterSprawl (Apr 21-22)", "incident": "canistersprawl"},
      {"value": "@fairwords/loopback-connector-es@1.4.3-4", "note": "CanisterSprawl precursor (Apr 8)", "incident": "canistersprawl"},
      {"value": "@fairwords/websocket@1.0.38-39", "note": "CanisterSprawl precursor (Apr 8)", "incident": "canistersprawl"},
      {"value": "@openwebconcept/design-tokens@1.0.1-3", "note": "CanisterSprawl (Apr 21)", "incident": "canistersprawl"},
      {"value": "@openwebconcept/theme-owc@1.0.1-3", "note": "CanisterSprawl (Apr 21)", "incident": "canistersprawl"},
      {"value": "@cap-js/sqlite@2.2.2", "note": "SAP package (~250k/wk)", "incident": "mini-shai-hulud"},
      {"value": "@cap-js/postgres@2.2.2", "note": "SAP package (~10k/wk)", "incident": "mini-shai-hulud"},
      {"value": "@cap-js/db-service@2.10.1", "note": "SAP package (~260k/wk)", "incident": "mini-shai-hulud"},
      {"value": "mbt@1.2.48", "note": "SAP build tool (~52k/wk)", "incident": "mini-shai-hulud"},
      {"value": "intercom-client@7.0.4", "note": "cross-ecosystem spread", "incident": "mini-shai-hulud"},
      {"value": "@tanstack/react-router@1.169.5", "note": "12M weekly downloads", "incident": "mini-shai-hulud-2"},
      {"value": "@tanstack/react-router@1.169.8", "note": "12M weekly downloads", "incident": "mini-shai-hulud-2"},
      {"value": "@tanstack/router-core@1.169.5", "note": "TanStack router core", "incident": "mini-shai-hulud-2"},
      {"value": "@tanstack/router-core@1.169.8", "note": "TanStack router core", "incident": "mini-shai-hulud-2"},
      {"value": "@tanstack/*", "note": "40+ packages compromised", "incident": "mini-shai-hulud-2"},
      {"value": "@uipath/*", "note": "70+ packages compromised", "incident": "mini-shai-hulud-2"},
      {"value": "@uipath/apollo-core@5.9.2", "note": "UiPath enterprise automation", "incident": "mini-shai-hulud-2"},
      {"value": "@uipath/cli@1.0.1", "note": "UiPath CLI", "incident": "mini-shai-hulud-2"},
      {"value": "@uipath/agent-sdk@1.0.2", "note": "UiPath agent SDK", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai@2.2.2", "note": "Mistral AI TypeScript client", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai@2.2.3", "note": "Mistral AI TypeScript client", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai@2.2.4", "note": "Mistral AI TypeScript client", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai-azure@1.7.1", "note": "Mistral AI Azure client", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai-azure@1.7.2", "note": "Mistral AI Azure client", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai-azure@1.7.3", "note": "Mistral AI Azure client", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai-gcp@1.7.1", "note": "Mistral AI GCP client", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai-gcp@1.7.2", "note": "Mistral AI GCP client", "incident": "mini-shai-hulud-2"},
      {"value": "@mistralai/mistralai-gcp@1.7.3", "note": "Mistral AI GCP client", "incident": "mini-shai-hulud-2"},
      {"value": "@antv/*", "note": "323 packages compromised (639 versions)", "incident": "antv"},
      {"value": "@antv/g2@5.5.8", "note": "charting library", "incident": "antv"},
      {"value": "@antv/g2@5.6.8", "note": "charting library", "incident": "antv"},
      {"value": "@antv/g6", "note": "graph visualization", "incident": "antv"},
      {"value": "@antv/x6", "note": "diagramming", "incident": "antv"},
      {"value": "@antv/l7", "note": "geospatial visualization", "incident": "antv"},
      {"value": "@antv/s2", "note": "multidimensional analytics", "incident": "antv"},
      {"value": "@antv/f2", "note": "mobile charts", "incident": "antv"},
      {"value": "@antv/g", "note": "rendering engine", "incident": "antv"},
      {"value": "@antv/g2plot", "note": "chart library", "incident": "antv"},
      {"value": "@antv/graphin", "note": "graph analysis", "incident": "antv"},
      {"value": "@antv/data-set", "note": "data processing", "incident": "antv"},
      {"value": "@antv/scale@0.6.2", "note": "scale utilities (~2.2M weekly)", "incident": "antv"},
      {"value": "@antv/scale@0.7.2", "note": "scale utilities", "incident": "antv"},
      {"value": "echarts-for-react@3.0.7", "note": "~1.1M weekly downloads", "incident": "antv"},
      {"value": "echarts-for-react@3.1.7", "note": "~1.1M weekly downloads", "incident": "antv"},
      {"value": "echarts-for-react@3.2.7", "note": "~1.1M weekly downloads", "incident": "antv"},
      {"value": "timeago.js@4.1.2", "note": "~1.15M weekly downloads", "incident": "antv"},
      {"value": "timeago.js@4.2.2", "note": "~1.15M weekly downloads", "incident": "antv"},
      {"value": "size-sensor@1.0.4", "note": "~4.2M monthly downloads", "incident": "antv"},
      {"value": "size-sensor@1.1.4", "note": "~4.2M monthly downloads", "incident": "antv"},
      {"value": "size-sensor@1.2.4", "note": "~4.2M monthly downloads", "incident": "antv"},
      {"value": "canvas-nest.js", "note": "canvas animation", "incident": "antv"},
      {"value": "jest-canvas-mock", "note": "testing utility", "incident": "antv"},
      {"value": "jest-date-mock", "note": "testing utility", "incident": "antv"}
    ],
    "vscode_extensions": [
      {"value": "nrwl.angular-console@18.95.0", "note": "Nx Console (2.2M installs, 11-min exposure)", "incident": "antv"}
    ],
    "packagist_packages": [
      {"value": "intercom/intercom-php@5.0.2", "note": "first npm→Packagist spread (20.7M lifetime downloads)", "incident": "mini-shai-hulud"}
    ]
  },
  "malware": {
    "attribution_strings": [
      {"value": "TeamPCP Cloud stealer", "note": "self-attribution", "incident": ["trivy", "checkmarx", "litellm"]},
      {"value": "tpcp.tar.gz", "note": "exfil bundle", "incident": ["trivy", "checkmarx", "litellm"]},
      {"value": "tpcp-docs", "note": "GitHub dead drop", "incident": ["trivy", "checkmarx", "litellm"]},
      {"value": "System Telemetry Service", "note": "systemd unit display name", "incident": "litellm"},
      {"value": "Runner.Worker", "note": "memory scrape target", "incident": "trivy"},
      {"value": "# hacked by teampcp", "note": "xinference comment marker (disputed)", "incident": "xinference"},
      {"value": "love.tar.gz", "note": "xinference exfil bundle", "incident": "xinference"},
      {"value": "X-QT-SR: 14", "note": "xinference exfil HTTP header", "incident": "xinference"},
      {"value": "Shai-Hulud: The Third Coming", "note": "Bitwarden payload identifier", "incident": "bitwarden"},
      {"value": "A Mini Shai-Hulud has Appeared", "note": "GitHub repo description", "incident": "mini-shai-hulud"},
      {"value": "OhNoWhatsGoingOnWithGitHub", "note": "GitHub commit search marker", "incident": "mini-shai-hulud"},
      {"value": "EveryBoiWeBuildIsAWormyBoi", "note": "PyTorch Lightning search marker", "incident": "mini-shai-hulud"},
      {"value": "beautifulcastle", "note": "keyword used by the KICS binary to resolve its fallback C2 URL", "incident": ["kics-docker", "bitwarden", "mini-shai-hulud"]},
      {"value": "LongLiveTheResistanceAgainstMachines", "note": "keyword used by the VS Code payload to acquire a fallback GitHub token", "incident": ["kics-docker", "bitwarden"]},
      {"value": "KICS-Telemetry/2.0", "note": "User-Agent for KICS exfil", "incident": "kics-docker"},
      {"value": "claude <claude@users.noreply.github.com>", "note": "spoofed commit author", "incident": "mini-shai-hulud"},
      {"value": "chore: update dependencies", "note": "malicious commit message", "incident": "mini-shai-hulud"},
      {"value": "dependabout", "note": "typosquat branch name (dependabot misspelling)", "incident": "mini-shai-hulud"},
      {"value": "firedalazer", "note": "GitHub dead-drop C2 trigger keyword", "incident": "antv"},
      {"value": "niagA oG eW ereH :duluH-iahS", "note": "exfil repo description (reversed: Shai-Hulud: Here We Go Again)", "incident": "antv"},
      {"value": "python-requests/2.31.0", "note": "spoofed User-Agent for GitHub API calls", "incident": "antv"},
      {"value": "Run Copilot", "note": "injected workflow name", "incident": "antv"},
      {"value": "Build action for vX.Y.Z", "note": "imposter commit message pattern (actions-cool)", "incident": "antv"},
      {"value": "New Package", "note": "imposter commit message (antvis/G2, forged author huiyu.zjt)", "incident": "antv"},
      {"value": "format-results", "note": "artifact name for secrets dump", "incident": "antv"}
    ],
    "persistence_paths": [
      {"value": "~/.config/systemd/user/sysmon.py", "note": "developer machines", "incident": "litellm"},
      {"value": "~/.config/sysmon/sysmon.js", "note": "checkmarx-util via VSCode ext", "incident": "checkmarx"},
      {"value": "/root/.config/systemd/user/sysmon.service", "note": "KICS systemd", "incident": "checkmarx"},
      {"value": "/var/lib/svc_internal/runner.py", "note": "kamikaze v1", "incident": ["trivy", "canisterworm"]},
      {"value": "/etc/systemd/system/internal-monitor.service", "note": "kamikaze v1", "incident": ["trivy", "canisterworm"]},
      {"value": "/var/lib/pgmon/pgmon.py", "note": "kamikaze v3 worm", "incident": ["trivy", "canisterworm"]},
      {"value": "/etc/systemd/system/pgmonitor.service", "note": "kamikaze v3 worm", "incident": ["trivy", "canisterworm"]},
      {"value": "~/.config/systemd/user/pgmon.service", "note": "CanisterWorm npm", "incident": "canisterworm"},
      {"value": "~/.local/share/pgmon/service.py", "note": "CanisterWorm backdoor", "incident": "canisterworm"},
      {"value": "~/.npmrc", "note": "harvested for npm tokens", "incident": "canisterworm"},
      {"value": "/etc/npmrc", "note": "harvested for npm tokens", "incident": "canisterworm"},
      {"value": "/tmp/.pg_state", "note": "state tracking", "incident": ["trivy", "canisterworm"]},
      {"value": "/tmp/pglog", "note": "temp staging", "incident": ["trivy", "canisterworm"]},
      {"value": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\msbuild.exe", "note": "Telnyx Windows dropper (AdaptixC2)", "incident": "telnyx"},
      {"value": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\msbuild.exe.lock", "note": "lock file (12hr re-infection guard)", "incident": "telnyx"},
      {"value": "dllhost.exe (spawned suspended)", "type": "string", "note": "injection target", "incident": "telnyx"},
      {"value": "\\\\.\\pipe\\%08lx", "type": "string", "note": "named pipe fallback C2", "incident": "telnyx"},
      {"value": "~/.config/audiomon/audiomon.py", "note": "Telnyx Linux backdoor", "incident": "telnyx"},
      {"value": "~/.config/systemd/user/audiomon.service", "note": "Telnyx Linux persistence", "incident": "telnyx"},
      {"value": "/tmp/.initd_state", "note": "Telnyx state tracking", "incident": "telnyx"},
      {"value": ".claude/router_runtime.js", "note": "Mini Shai Hulud payload", "incident": "mini-shai-hulud"},
      {"value": ".claude/setup.mjs", "note": "Mini Shai Hulud dropper", "incident": "mini-shai-hulud"},
      {"value": ".claude/settings.json", "note": "SessionStart hook persistence", "incident": "mini-shai-hulud"},
      {"value": "~/.claude.json", "note": "credential harvest target", "incident": "bitwarden"},
      {"value": "~/.kiro/settings/mcp.json", "note": "credential harvest target", "incident": "bitwarden"},
      {"value": ".vscode/setup.mjs", "note": "VS Code dropper", "incident": "mini-shai-hulud"},
      {"value": ".vscode/tasks.json", "note": "folderOpen task persistence", "incident": "mini-shai-hulud"},
      {"value": "results/results-*.json", "note": "exfil staging", "incident": "mini-shai-hulud"},
      {"value": "/tmp/tmp.987654321.lock", "note": "instance lock file", "incident": "mini-shai-hulud"},
      {"value": "~/.local/share/kitty/cat.py", "note": "Python backdoor (GitHub dead-drop C2)", "incident": "antv"},
      {"value": "~/Library/LaunchAgents/com.user.kitty-monitor.plist", "note": "macOS persistence (hourly trigger)", "incident": "antv"},
      {"value": "~/.config/systemd/user/kitty-monitor.service", "note": "Linux persistence", "incident": "antv"},
      {"value": "/var/tmp/.gh_update_state", "note": "anti-replay state file", "incident": "antv"},
      {"value": "/tmp/kitty-*", "note": "staging directories", "incident": "antv"},
      {"value": "~/.local/bin/gh-token-monitor.sh", "note": "token polling daemon (60s interval)", "incident": "antv"},
      {"value": ".github/workflows/codeql.yml", "note": "injected workflow (Run Copilot)", "incident": "antv"},
      {"value": "/tmp/managed.pyz", "note": "initial payload", "incident": "durabletask"},
      {"value": "/tmp/rope-*.pyz", "note": "secondary payload", "incident": "durabletask"},
      {"value": "~/.cache/.sys-update-check", "note": "general infection marker", "incident": "durabletask"},
      {"value": "~/.cache/.sys-update-check-k8s", "note": "Kubernetes infection marker", "incident": "durabletask"},
      {"value": "/tmp/.rope_state/ssm_instances.json", "note": "SSM target tracking", "incident": "durabletask"}
    ],
    "injected_files": [
      {"value": "cmd/trivy/main.go", "note": "Trivy injection", "incident": "trivy"},
      {"value": "cmd/trivy/scand.go", "note": "Trivy injection", "incident": "trivy"}
    ],
    "kubernetes": [
      {"value": "host-provisioner-std", "note": "DaemonSet", "incident": ["trivy", "canisterworm"]},
      {"value": "host-provisioner-iran", "note": "DaemonSet (wiper)", "incident": ["trivy", "canisterworm"]},
      {"value": "kamikaze", "note": "Container (hostPID: true)", "incident": ["trivy", "canisterworm"]},
      {"value": "provisioner", "note": "Container name", "incident": ["trivy", "canisterworm"]},
      {"value": "node-setup-*", "note": "Privileged pod pattern", "incident": "litellm"},
      {"value": "alpine:latest", "note": "Image for host filesystem mount", "incident": "litellm"}
    ],
    "network_behavior": [
      {"value": "Scans ports 22, 2375 on local /24", "note": "worm propagation — SSH (22) and unauthenticated Docker daemon API (2375)", "incident": ["trivy", "canisterworm"]},
      {"value": "/var/log/auth.log", "type": "path", "note": "parsed for targets", "incident": ["trivy", "canisterworm"]},
      {"value": "youtube.com connectivity check", "type": "string", "note": "kill switch (50-min poll)", "incident": ["canisterworm", "litellm"]},
      {"value": "POST /telemetry/checkmarx.json", "type": "string", "note": "AdaptixC2 beacon URI", "incident": "telnyx"},
      {"value": "X-Content-ID header", "type": "string", "note": "AdaptixC2 session header", "incident": "telnyx"},
      {"value": "Mozilla/5.0 (Windows NT 6.2; rv:20.0) Gecko/20121202 Firefox/20.0", "type": "string", "note": "AdaptixC2 User-Agent", "incident": "telnyx"},
      {"value": "Russian locale exit", "type": "string", "note": "CIS avoidance — exits if ru_* locale detected", "incident": ["bitwarden", "mini-shai-hulud"]},
      {"value": "POST /v1/telemetry", "type": "string", "note": "Mini Shai Hulud exfil URI", "incident": "mini-shai-hulud"},
      {"value": "GitHub GraphQL API commit search", "type": "string", "note": "dead-drop token retrieval", "incident": "mini-shai-hulud"},
      {"value": "bun run index.js", "type": "string", "note": "preinstall hook trigger", "incident": "antv"},
      {"value": "/proc/<pid>/mem read", "type": "string", "note": "Runner.Worker memory scraping", "incident": "antv"},
      {"value": "169.254.169.254", "type": "ip", "note": "AWS IMDS credential harvest — link-local metadata endpoint also used by other clouds", "incident": "antv"},
      {"value": "169.254.170.2", "type": "ip", "note": "ECS container metadata harvest", "incident": "antv"},
      {"value": "127.0.0.1:8200", "type": "url", "note": "HashiCorp Vault default API port — token harvest", "incident": "antv"},
      {"value": "gh[op]_[A-Za-z0-9]{36,}", "type": "regex", "note": "GitHub token pattern — ghp_ (classic PAT) and gho_ (OAuth) prefixes only; does not match ghs_/ghu_ or fine-grained github_pat_ tokens", "incident": "antv"},
      {"value": "npm_[A-Za-z0-9]{36,}", "type": "regex", "note": "npm token pattern", "incident": "antv"},
      {"value": "registry.npmjs.org/-/npm/v1/oidc/token/exchange/package/", "type": "url", "note": "npm OIDC token exchange abuse", "incident": "antv"},
      {"value": "runner ALL=(ALL) NOPASSWD:ALL", "type": "string", "note": "sudoers entry granting the runner user passwordless root (privilege escalation)", "incident": "antv"},
      {"value": "__DAEMONIZED=1", "type": "envvar", "note": "persistence guard", "incident": "antv"}
    ],
    "dune_handles": [
      {"value": "sardaukar", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "mentat", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "fremen", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "atreides", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "harkonnen", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "gesserit", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "prescient", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "fedaykin", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "tleilaxu", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "siridar", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "kanly", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "sayyadina", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "ghola", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "powindah", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "prana", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]},
      {"value": "kralizec", "note": "backup GitHub exfil handle", "incident": ["mini-shai-hulud", "antv"]}
    ],
    "dune_repo_names": [
      {"value": "sandworm", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "ornithopter", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "heighliner", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "stillsuit", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "lasgun", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "sietch", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "melange", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "thumper", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "navigator", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "futar", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "phibian", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "slig", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "cogitor", "note": "Dune-themed repo suffix", "incident": "antv"},
      {"value": "laza", "note": "Dune-themed repo suffix", "incident": "antv"}
    ]
  }
}
