DM

Daniel Malvaceda

Security researcher focused on supply chain security, CI/CD attack surfaces, and AI security.

GitHub Twitter/X

2 posts

Incident Critical npm PyPI openvsix

TeamPCP Part II: Backdooring the AI Credentials Vault

TeamPCP's endgame: LiteLLM's PyPI wheel backdoored post-build, .pth system-wide persistence, and why AI gateways are a new class of supply chain target.

Daniel Malvaceda · Apr 4, 2026 · 22 min read

Incident Critical GitHub Actions docker-hub

TeamPCP Part I: Twenty Days of Silent Access From a Two-Minute PR

How a two-minute GitHub PR gave TeamPCP 18 days of silent access to Trivy's CI — Pwn Request, non-atomic rotation, and 82 poisoned Actions tags.

Daniel Malvaceda · Apr 3, 2026 · 17 min read