Skip to content
You can now search across every topic, entity and event.What's new
Timeline

SANDCLOCK

A credential stealer used by UNC6780 (TeamPCP) to exfiltrate AWS keys, GitHub tokens, and supply-chain credentials enabling downstream repository and infrastructure access.

2 of 2 entries (2 events, 0 interactions)

Filters
#411 May

Exfiltrated credentials from the Trivy supply-chain compromise to enable Cisco repository access

Cybersecurity: Threats and Defences: UNC6780 takes Cisco AI Defense source code
#48 May

Exfiltrated AWS keys and GitHub tokens enabling the LiteLLM intrusion

Cybersecurity: Threats and Defences: LiteLLM SQL injection hits in 36 hours