NPM Supply-Chain Attack Spreads via Compromised Packages, Linked to TeamPCP’s LiteLLM Method
A new supply chain worm targeting the npm ecosystem has been discovered, sharing significant overlap with recent attacks attributed to the threat group TeamPCP, according to security researchers.
The worm, whose payloads reference the ‘TeamPCP/LiteLLM method’, is actively compromising packages in the npm registry by stealing sensitive credentials from developer environments and using them to propagate to further packages, mirroring tactics seen in prior supply chain compromises.
Analysis indicates the malware follows a pattern consistent with the widespread Shai-Hulud worm identified in September 2025, which compromised over 500 npm packages by harvesting GitHub Personal Access Tokens and cloud service API keys for AWS, GCP, and Azure before exfiltrating them to actor-controlled endpoints.
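The credential types named above (GitHub Personal Access Tokens and AWS, GCP and Azure keys) are exactly what a malicious install script can read from a developer's home directory and environment. The following blast-radius check is an added example, not code from the article, the researchers, or any of the tools named on this page: it enumerates the default credential locations for those providers, confirms whether each actually holds a recognisable token, and reports what a payload running under the developer's account would have been able to harvest. The file paths, environment variable names and token prefixes are common public defaults and are assumptions of this example; the sample credential files it builds are constructed with obviously fake values.

```python
"""Blast-radius check: which of the credential stores a credential-stealing npm
payload targets (GitHub PATs, npm tokens, AWS/GCP/Azure keys) are sitting in
plaintext on this workstation?  Added example; paths, env var names and token
formats are assumed defaults, not indicators from the article."""
import os
import re
import tempfile
from pathlib import Path

# Default credential files per provider (assumption: adjust for your tooling).
CREDENTIAL_FILES = {
    "github": [".config/gh/hosts.yml", ".git-credentials"],
    "npm": [".npmrc"],
    "aws": [".aws/credentials"],
    "gcp": [".config/gcloud/application_default_credentials.json"],
    "azure": [".azure/msal_token_cache.json", ".azure/accessTokens.json"],
}

# Environment variables a payload can read without touching disk at all.
TOKEN_ENV_VARS = {
    "github": ["GITHUB_TOKEN", "GH_TOKEN"],
    "npm": ["NPM_TOKEN"],
    "aws": ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"],
    "gcp": ["GOOGLE_APPLICATION_CREDENTIALS"],
    "azure": ["AZURE_CLIENT_SECRET"],
}

# Published token prefixes: confirms a file holds a secret, not just that it exists.
TOKEN_PATTERNS = {
    "github_classic_pat": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{20,}\b"),
    "github_fine_grained_pat": re.compile(r"\bgithub_pat_[A-Za-z0-9_]{20,}\b"),
    "npm_token": re.compile(r"\bnpm_[A-Za-z0-9]{20,}\b"),
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
}


def token_shapes(text):
    """Names of the token formats present in text (empty if none recognised)."""
    return sorted(name for name, rx in TOKEN_PATTERNS.items() if rx.search(text))


def audit_home(home, env):
    """One finding per credential file or env var readable by this user."""
    home = Path(home)
    findings = []
    for provider, rel_paths in CREDENTIAL_FILES.items():
        for rel in rel_paths:
            path = home / rel
            if not path.is_file():
                continue
            try:
                text = path.read_text(errors="replace")
            except OSError:
                continue  # unreadable to us means unreadable to a same-user payload
            mode = path.stat().st_mode & 0o777
            findings.append({
                "provider": provider, "kind": "file", "source": rel,
                "token_shapes": token_shapes(text),
                "group_or_world_readable": bool(mode & 0o044),
            })
    for provider, names in TOKEN_ENV_VARS.items():
        for name in names:
            value = env.get(name)
            if value:
                findings.append({
                    "provider": provider, "kind": "env", "source": name,
                    "token_shapes": token_shapes(value),
                    "group_or_world_readable": False,
                })
    return findings


def exposed_providers(findings):
    return sorted({f["provider"] for f in findings})


def build_demo_home(home):
    """Constructed sample credential files with obviously fake tokens."""
    home = Path(home)
    (home / ".config" / "gh").mkdir(parents=True)
    (home / ".config" / "gh" / "hosts.yml").write_text(
        "github.com:\n    user: dev\n"
        "    oauth_token: ghp_EXAMPLEexampleEXAMPLEexample0000000000\n")
    (home / ".npmrc").write_text(
        "//registry.npmjs.org/:_authToken=npm_EXAMPLEexampleEXAMPLEexample0000000000\n")
    (home / ".aws").mkdir()
    creds = home / ".aws" / "credentials"
    creds.write_text("[default]\naws_access_key_id = AKIAEXAMPLEEXAMPLE00\n"
                     "aws_secret_access_key = notreal\n")
    os.chmod(creds, 0o600)


def run_demo():
    """Audit a throwaway home directory plus a constructed environment."""
    home = tempfile.mkdtemp(prefix="worm-audit-")
    build_demo_home(home)
    env = {"PATH": "/usr/bin", "GH_TOKEN": "ghp_EXAMPLEexampleEXAMPLEexample0000000000"}
    return audit_home(home, env)


if __name__ == "__main__":
    # Real run against the current user; the demo only exercises constructed data.
    for f in audit_home(Path.home(), os.environ):
        print(f"{f['provider']:7} {f['kind']:4} {f['source']}  shapes={f['token_shapes']}")
```

Run it as the developer account that executes `npm install`: every finding is a credential the worm described above would have obtained, so each one should be revoked and rotated after a suspected compromise, regardless of whether the payload on this particular host was ever observed.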
