{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibnxum6rb55jzqdgxi4lyd63qey2xvg25ctrxd7fre2pmhwcxtwxi",
    "uri": "at://did:plc:xb5etev7ncohgebas3kjeqek/app.bsky.feed.post/3mlruqg34xtg2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreigir7nw2gefx5pwfei7xiklzlftek6noag72utmer2kg3cfyonx64"
    },
    "mimeType": "image/jpeg",
    "size": 108648
  },
  "path": "/teampcp-mini-shai-hulud-worm-npm-pypi-packages/",
  "publishedAt": "2026-05-13T15:18:47.000Z",
  "site": "https://hackread.com",
  "tags": [
    "Security",
    "Malware",
    "Cyber Attack",
    "Mini Shai-Hulud",
    "NPM",
    "PyPI",
    "Supply Chain",
    "TeamPCP"
  ],
  "textContent": "Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.",
  "title": "TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages"
}