
TeamPCP Supply Chain Attacks
TeamPCP is exploiting trusted npm and PyPI packages to compromise developer environments, steal credentials, and extend attacks across software supply chains.

Telegram has emerged as a significant platform for cybercriminal activity. Threat actors offer goods and services ranging from payment card details to login credentials to malware and other hacking tools. This ecosystem is vast, and it’s challenging to track. Sayak Saha Roy is an assistant professor at Louisiana State University working on online fraud prevention and usable security. He and several colleagues presented a paper at the USENIX Security Symposium in August 2025 titled “DarkGram: A Large-Scale Analysis of Cybercriminal Activity Channels on Telegram.” The paper describes how the researchers used a language model to identify cybercrime-related posts on Telegram channels with a high degree of accuracy. In this Studio 471, Roy describes how this approach can be used for cyber threat intelligence research, moderation and more.
Participants:
Sayak Saha Roy, Assistant Professor at Louisiana State University, Online Fraud Prevention and Usable Security
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471

An Iranian-aligned threat group conducting destructive and espionage-focused cyber operations against organizations in Israel and Western countries.

CrazyHunter is a ransomware campaign targeting healthcare that weakens endpoint defenses and escalates privileges before encrypting systems at scale.