SAP npm supply-chain compromise reveals persistent TeamPCP targeting of enterprise developer infrastructure
Official SAP npm packages were compromised to inject credential-stealing malware, directly compromising developers' authentication tokens and local systems. This represents a high-impact supply-chain attack against enterprise development environments at scale.
Affected
Multiple official SAP npm packages were poisoned with credential-stealing malware in a sophisticated supply-chain attack attributed to TeamPCP. The compromise bypassed npm's security controls and allowed malicious code execution on developer machines during routine dependency installation. Given SAP's position in enterprise software, the attack surface extends across Fortune 500 companies and their development teams.
The technical approach involved injecting post-install scripts into legitimate SAP packages, a method that executes automatically when npm installs dependencies. The malware specifically targeted environment variables, shell histories, SSH keys, and authentication tokens stored on developer workstations. This data collection methodology indicates adversary focus on lateral movement and persistent access to enterprise networks rather than immediate financial gain.
Organisations using affected SAP npm packages face immediate risk of compromised developer credentials being used for: authentication token theft enabling API abuse, SSH key extraction facilitating network access, and environment variable exfiltration exposing cloud provider credentials. The compromise is particularly severe because npm dependencies are trusted implicitly by developers and are rarely audited for malicious code at installation time.
Defenders should treat this as a critical incident requiring immediate response: identify all systems that installed affected SAP packages within your organisation, rotate all developer credentials and authentication tokens, audit shell histories and recent logins for anomalous activity, and implement strict npm package verification policies. This includes scanning npm package integrity hashes and enforcing offline package review for enterprise-critical dependencies.
This attack demonstrates that supply-chain poisoning continues to bypass organisational defences because the trust model for open-source dependencies remains fundamentally broken. Even official vendor packages cannot be assumed safe. The incident suggests TeamPCP and similar actors have matured their capability to compromise upstream sources directly rather than registering typosquatting packages, representing an evolution in supply-chain attack sophistication.
Sources