TeamPCP and BreachForums Hackers Running $1,000 Contest for Supply Chain Attacks

HomeCyber Security News TeamPCP and BreachForums Hackers Running $1,000 Contest for Supply Chain Attacks By Abinaya May 14, 2026 The cybercrime underworld is turning open-source supply chain attacks into a twisted competition. After months of infiltrating security tools and CI/CD pipelines, the notorious hacking group TeamPCP has partnered with BreachForums to launch a disturbing new contest. The objective is to compile as many open-source packages as possible. The prize, however, is a surprisingly small payout of $1,000 in Monero cryptocurrency. According to dark web threat intelligence, the contest requires participants to deploy an open-source attack tool called “Shai-Hulud.” Hackers must submit their forum handles and provide proof of access to qualify. Winners are determined by the weekly and monthly download counts of the packages they infect. By allowing attackers to combine the download counts of multiple smaller packages, the scoring system actively encourages reckless, worm-like attacks that spread indiscriminately across the software ecosystem. Hackers Launch Supply Chain Contest While the threat to the supply chain is severe, the $1,000 reward is comically low for the damage being done. Successful supply chain attacks expose highly valuable assets, including CI/CD secrets, cloud credentials, developer tokens, and enterprise source code. BreachForums announced the contest alongside TeamPCP (source : socket) To skilled cybercriminals, this level of access is worth vastly more than a thousand dollars. Security experts view this contest as a strategic public recruitment stunt. It is designed to lure lower-tier hackers who are willing to burn valuable access simply for reputation and bragging rights on cybercrime forums. By crowdsourcing these attacks, TeamPCP is effectively tricking novice hackers into doing the heavy lifting. At the same time, they reap the broader rewards of the compromised infrastructure. TeamPCP has a well-documented history of targeting critical infrastructure, GitHub Actions, Docker images, and package managers like npm and PyPI. They specialize in breaching tools that already hold privileged access, allowing them to harvest credentials for secondary attacks. According to Socket Research, the group recently partnered with the ransomware syndicate Vect, with its credential theft operations already impacting AI firms, government cloud services, manufacturing, and enterprise technology. By releasing Shai-Hulud as an open-source tool, TeamPCP is extending its access-broker pipeline outward. A $1,000 prize might not attract elite threat actors. However, for overworked maintainers and enterprise security teams, the resulting wave of copycat attacks adds a dangerous new layer of risk to the open-source ecosystem. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Abinayahttps://cybersecuritynews.com/ Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space. Trending News Google reCAPTCHA Update Blocks Privacy-Focused Android Users From Sites 10 Best Full Disk Encryption Tools in 2026 Critical MongoDB Vulnerability Allow Attackers to Execute Arbitrary Code New PamDOORa Backdoor Attacking Linux Systems to Steal SSH Credentials Critical 18-Year-Old NGINX Vulnerability Enables Remote Code Execution Attacks Latest News Cyber Security News New Critical Exim Mailer Allows Remote Attacker to Execute Arbitrary Code Cyber Security News Dell Support assist Updates Forces Windows Systems to BSOD Loop Cyber Security News Microsoft Research Shows AI Can Generate Realistic Command Lines and Process Telemetry Cyber Security News Critical GitLab Vulnerabilities Enables XSS and Unauthenticated DoS Attacks Cyber Security News Hackers Abuse Legitimate HWMonitor Binary to Load Malicious DLL Payload