After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply chain attacks (linked to TeamPCP).
“This could enable further software supply chain attacks, software as a service (SaaS) environment compromises (leading to downstream customer compromises), ransomware and extortion events, and cryptocurrency theft over the near term,” they added.
TeamPCP exploits stolen secrets for cloud intrusions
Google-owned cloud security company Wiz has responded to multiple attacks being carried out by TeamPCP.
“[The Wiz Customer Incident Response Team (CIRT)] saw indications in Cloud, Code, and Runtime evidence that the credentials and secrets stolen in the supply chain compromises were quickly validated and used to explore victim [cloud] environments and exfiltrate additional data,” they said.
“While the speed at which they were used suggests that it was the work of the same threat actors responsible for the supply chain operations, we are not able to rule out the secrets being shared with other groups and used by them.”
Tech firm OwnCloud stated last week that it had been affected by the Trivy compromise and their ability to ship new builds of and patches for their software solutions “is temporarily suspended.”
Mercor, a startup that connects human experts with companies building AI, confirmed on Wednesday that it was affected by the LiteLLM supply chain attack.
The company said it is “one of thousands of companies” impacted and its security team and third-party forensics experts are still investigating the incident.
Though the Lapsus$ cyber extortion group claimed to have accessed the company’s databases and source code, Mercor has yet to disclose the extent of the impact/breach.
The connection between TeamPCP and Lapsus$ has been documented. Evidence from Lapsus$’s Telegram channel indicates they had prior knowledge of TeamPCP’s planned supply chain attacks.
TeamPCP has also apparently partnered with the Vect ransomware-as-a-service operation, and is professedly working on spinning up its own RaaS program called CipherForce.
Axios compromise affected organizations around the world
Axios is one of the most widely used JavaScript libraries out there, and the Axios npm supply chain compromise is expected to have a widespread impact.
“With over 100 million weekly downloads across both [affected] branches [of Axios npm], the blast radius of a three-hour compromise window is significant,” Tenable researchers noted.
Palo Alto Networks reports that this supply chain compromise has affected organizations across the US, Europe, Middle East, South Asia and Australia, operating in a variety of industries: financial services, high-tech, retail, professional and legal services, insurance, higher education, customers service, and more.
The attack resulted in a remote access trojan being installed on Windows, macOS and Linux systems, allowing operators to perform system reconnaissance and drop and execute additional binary payloads and commands.
The North Korean group (UNC1069) behind the Axios breach is known for using social engineering to trick people – especially in crypto, DeFi, software, and VC firms – into installing malware, which matches how the Axios maintainer said his system was compromised.
Historically, they have been financially motivated.
“While UNC1069 has had a smaller impact on cryptocurrency heists compared to other groups like UNC4899 in 2025, it remains an active threat targeting centralized exchanges and both entities and individuals for financial gain,” Mandiant researchers noted earlier this year.
Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!
