TeamPCP Supply Chain Attacks
TeamPCP is exploiting trusted npm and PyPI packages to compromise developer environments, steal credentials, and extend attacks across software supply chains.
Zerobot, a Mirai-based botnet known for targeting Internet of Things (IoT) devices, has leveraged a critical vulnerability tracked as CVE-2025-68613, to compromise instances of the n8n workflow automation platfor...
The strongest version of this narrative highlights a converging threat landscape where supply chain attacks, botnet-driven exploitation, and state-aligned cyber operations intersect. The disclosure of CVE-2025-68613 and its rapid weaponization by Zerobot underscore the accelerating pace of vulnerability exploitation, amplified by the availability of public exploit tools and the sheer volume of exposed systems. The inclusion of technical details—such as the expression injection mechanism and spec...