TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages

Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.

A hacking group known as TeamPCP launched a massive coordinated supply chain attack using a self-propagating worm. On 11 May 2026, the group poisoned hundreds of packages across npm and PyPI. This specific wave, dubbed Mini Shai-Hulud, was identified and reported by multiple security firms, including Endor Labs, Wiz, SafeDep, Socket, and StepSecurity.

This attack was incredibly fast, as within just five hours, TeamPCP published over 400 malicious versions across 172 distinct packages, including high-profile targets like TanStack, Mistral AI, OpenSearch, Guardrails AI, and UiPath.

Initial Access and Infiltration

According to SafeDep research, which was among the first firms to detect this burst of malicious publications on the night of May 11, TeamPCP gained unauthorised access to legitimate CI/CD pipelines by hijacking OpenID Connect (OIDC) tokens ...