New TeamPCP operation targeting Durable Task SDK for Python via PyPI.
www.wiz.io/blog/durable...
Amherst/Wesleyan/Williams
After this week's GitHub breach, we checked in on hacker group TeamPCP's victim count: their supply chain attacks have tainted more than 500 pieces of software (a thousand-plus different versions) and breached hundreds of companies. This is out of control.
www.wired.com/story/teampc...
Why do some states routinely target civilian systems and commit operational errors, risking escalation, while others pursue highly restrained and carefully calibrated cyber operations, investing enormous amounts of time and resource?
www.tandfonline.com/doi/full/10....
This is nothing short of a bombshell. One of the most trusted media groups in Indonesia has released a report on Russian and Chinese influence operations in Indonesian social media, which blamed local protests on deliberate U.S. meddling. 🧵
1/
Lotus Wiper was likely used to attack PDVSA
One important thing that the Kaspersky report omits is that pdvsa[.]com is hardcoded into OhSyncNow.bat, a file that triggers the wiping operation (HT @benread.bsky.social). This is used to limit the attack to the specified domain
1/11
I laundered my Amherst College contribution through the only 5-college team on the list (UMASS), but I had to do my part.
#GoMammoths
@edsbs.bsky.social @newap-georgia.bsky.social @hollyanderson.bsky.social
New from me and the @wizsecurity.bsky.social CIRT team. A novel suspected DPRK crypto targeting cluster. Their tactics are familiar (compromise via supply chain, job interviews) but their malware and infrastructure are different.
www.wiz.io/blog/threat-...
Russia and China consider new steps to expand their digital cooperation including on software development and satellite Internet and declare adherence to cyber norms. In this post, I review the relevant sections of the recent joint statement from Beijing
fromcyberia.substack.com/p/putin-and-...
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.
Shame on the government of Zambia for buckling under Chinese government pressure over Taiwan and canceling this year’s @rightscon.org. www.rightscon.org/rc26-stateme...
Monica Kello
Ben Read
Andy Greenberg
Ben Read
Ben Read
Ben Read
Tom Pepinsky
Oleg Shakirov
Oleg Shakirov
David Oxley
The English version of the investigative report:
interaktif.tempo.co/proyek/opera...
The question of how states make operational decisions in cyber conflict is under-theorised. Much of existing scholarship has answered it within general frameworks of materialist and rationalist the...
Discover the latest on malicious versions of the PyPI package durabletask, matching TeamPCP tactics.
www.wiz.io
A number of Russia supporters accused the late-August 2025 demonstrations of being funded by the United States. The narrative was amplified by domestic actors. This report is part of the Indo-Pacific ...
Kaspersky discovered a new wiper uploaded from Venezuela in mid-December. The campaign likely targeted utilities and energy sector
Evidence suggests it was months in the making
There are no explicit links to previously reported incidents in Venezuela
securelist.com/tr/lotus-wip...
Yenni Kwok
A joint investigation by Tempo, Kompas, Suara, Tribunnews & Drone Emprit found pro-China & pro-Russian foreign influencers & media were involved in spreading conspiracy theories about anti-government protests in Indonesia in August 2025, primarily on X.
interaktif.tempo.co/proyek/opera...
Oleg Shakirov
A number of Russia supporters accused the late-August 2025 demonstrations of being funded by the United States. Amplified by domestic actors. This report is part of the Indo-Pacific Media Resilience program that ...