The TeamPCP Attack: How One Stolen Token Compromised Trivy, LiteLLM, and 47 npm Packages — What Every Developer Must Do Now

On March 26, 2026, security researchers at Socket.dev flagged anomalous publishing activity across dozens of npm packages. Within hours, the scope of the incident became clear: a threat actor operating under the handle TeamPCP had compromised a singl...