THREATNOIR
Subscribe
Back to Feed
Supply ChainApr 30, 2026

TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack

TeamPCP compromises npm packages in SAP's cloud development ecosystem.

Read at source

Summary

TeamPCP has compromised multiple npm packages targeting SAP's cloud application development ecosystem in a new supply chain attack campaign dubbed 'Mini Shai-Hulud'. The attack represents an expansion of TeamPCP's targeting beyond previous campaigns, leveraging compromised npm dependencies to potentially distribute malicious code to developers using SAP's tools.

Indicators of Compromise

  • malware — Mini Shai-Hulud

Entities

TeamPCP (threat_actor)SAP (vendor)npm (technology)Mini Shai-Hulud (campaign)