[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-teampcp-supply-chain-ai-poisoning-en":3,"article-related-teampcp-supply-chain-ai-poisoning-en":31,"series-research-7b888d1b-5890-4f27-b580-f8bb958ea5a2":76},{"id":4,"slug":5,"title":6,"content":7,"summary":8,"source":9,"source_url":10,"author":11,"image_url":12,"cover_image":12,"category":13,"language":14,"translated_content":11,"related_article_id":15,"keywords":16,"key_takeaways":23,"views":27,"created_at":28,"published_at":29,"topic_cluster_id":30},"7b888d1b-5890-4f27-b580-f8bb958ea5a2","teampcp-supply-chain-ai-poisoning-en","TeamPCP供应链投毒暴露AI攻击升级","\u003Cp data-speakable=\"summary\">安天CERT指出，TeamPCP正用AI把供应链投毒变成批量化、自动化攻击。\u003C\u002Fp>\u003Cp>安天CERT在一篇分析TeamPCP的报告中称，这个组织已把传统的隐蔽式供应链入侵，改造成“沙暴式”批量投毒：从开源包、CI\u002FCD流水线到开发者凭证，攻击面被连续放大。报告强调，AI正在缩短恶意代码迭代周期，并让攻击者更容易伪装发布、干扰溯源和扩大入侵规模。\u003C\u002Fp>\u003Ctable>\u003Cthead>\u003Ctr>\u003Cth>項目\u003C\u002Fth>\u003Cth>數值\u003C\u002Fth>\u003C\u002Ftr>\u003C\u002Fthead>\u003Ctbody>\u003Ctr>\u003Ctd>攻击程序迭代周期\u003C\u002Ftd>\u003Ctd>8个月内完成多轮更新\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>重点行动\u003C\u002Ftd>\u003Ctd>Chalk\u002FDebug、Shai-Hulud、Megalodon、Mini Shai-Hulud\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>主力生成工具\u003C\u002Ftd>\u003Ctd>Claude 3.5 Sonnet + Claude Code CLI\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>辅助模型\u003C\u002Ftd>\u003Ctd>GPT-4o、GPT-4 Turbo\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>可信标准击穿\u003C\u002Ftd>\u003Ctd>SLSA L3\u003C\u002Ftd>\u003C\u002Ftr>\u003C\u002Ftbody>\u003C\u002Ftable>\u003Ch2>What changed\u003C\u002Fh2>\u003Cp>报告把TeamPCP的打法概括为“广而快”的投毒模式，而不是传统那种长期潜伏、点对点渗透的供应链攻击。攻击者不再只盯单个仓库或单个维护者，而是批量污染开源组件、劫持CI\u002FCD流程、窃取OIDC令牌，再把恶意负载嵌入正常发布链路。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782162171698-7dpn.png\" alt=\"TeamPCP供应链投毒暴露AI攻击升级\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>更关键的是，AI被直接放进了作恶流程：Claude 3.5 Sonnet和\u003Ca href=\"\u002Fnews\u002Fanthropic-github-repositories-claude-code-push-en\">Claude Code\u003C\u002Fa> CLI被用于生成脚手架、启动脚本和后门逻辑，GPT-4o被用来细化攻击逻辑和混淆代码，\u003Ca href=\"\u002Ftag\u002Fcopilot\">Copilot\u003C\u002Fa>则补全局部片段。报告称，这种人机协同把工具进化周期从“月”压到“周、日”级别。\u003C\u002Fp>\u003Cul>\u003Cli>8个月内，TeamPCP完成多轮攻击迭代。\u003C\u002Fli>\u003Cli>Mini Shai-Hulud中，攻击者劫持TanStack官方CI\u002FCD并窃取OIDC令牌。\u003C\u002Fli>\u003Cli>恶意程序可伪装成符合SLSA L3的可信发布产物。\u003C\u002Fli>\u003Cli>通信还被伪装成OpenTelemetry遥测接口，降低识别难度。\u003C\u002Fli>\u003C\u002Ful>\u003Cp>报告还指出，TeamPCP并不只做入侵，还主动做“溯源干扰”：通过多语种混杂注释、字符倒置加密和刻意植入的误导线索，抬高事后分析成本。对攻击者来说，AI不只是写代码的工具，也是伪装、分发和误导的加速器。\u003C\u002Fp>\u003Ch2>Why it matters\u003C\u002Fh2>\u003Cp>对开发团队而言，这意味着防线不再只在仓库权限和包管理器上，CI\u002FCD、云凭证、构建缓存、第三方Action和AI开发工具都可能成为入口。只要一个上游环节被攻陷，恶意代码就能借正常发布流程进入下游项目，影响范围远超单个仓库。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782162168725-jzc4.png\" alt=\"TeamPCP供应链投毒暴露AI攻击升级\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>对市场来说，供应链安全正在从“单点防护”转向“全链路验证”。报告提到的SBOM、签名、来源证明和SLSA等机制仍然重要，但TeamPCP案例表明，这些信任标记本身也可能被伪造。下一步的重点，不只是检查有没有签名，而是验证签名、流水线、身份和产物之间是否真的一致。\u003C\u002Fp>\u003Cp>结论很直接：当AI把投毒成本压低、把伪装能力抬高后，开发者需要问的不是“有没有恶意包”，而是“哪一层信任已经被污染”。\u003C\u002Fp>","安天CERT称TeamPCP借AI批量生成恶意代码、伪造可信发布与溯源干扰，推动供应链攻击从隐蔽渗透转向高频投毒。","zhuanlan.zhihu.com","https:\u002F\u002Fzhuanlan.zhihu.com\u002Fp\u002F2050997231738688260",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782162171698-7dpn.png","research","en","faea762d-3f1d-446a-89af-d8278d8eb21f",[17,18,19,20,21,22],"TeamPCP","供应链安全","AI攻击","CI\u002FCD","SLSA","开源包",[24,25,26],"TeamPCP把供应链攻击做成了批量化、自动化投毒。","Claude、GPT-4o和Copilot被用于生成和改写恶意代码。","CI\u002FCD、OIDC和SLSA L3成了新的高风险信任点。",0,"2026-06-22T21:02:23.140079+00:00","2026-06-22T21:02:23.139+00:00","3103988e-c4fe-45e3-98ab-846500c9d507",{"tags":32,"relatedLang":35,"relatedPosts":39},[33],{"name":20,"slug":34},"cicd",{"id":15,"slug":36,"title":37,"language":38},"teampcp-supply-chain-ai-poisoning-zh","TeamPCP 供应链投毒升級","zh",[40,46,52,58,64,70],{"id":41,"slug":42,"title":43,"cover_image":44,"image_url":44,"created_at":45,"category":13},"fa4555ac-ba1b-4d3a-8563-b43f6a2757b3","anthropic-scale-lead-frontier-ai-moat-en","Anthropic’s scale lead is the real moat in frontier AI","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782169363684-kjh1.png","2026-06-22T23:02:23.725574+00:00",{"id":47,"slug":48,"title":49,"cover_image":50,"image_url":50,"created_at":51,"category":13},"f05d7971-4858-4384-81d8-00299b99ed17","ethereum-wikipedia-dev-cheat-sheet-en","Ethereum turns Wikipedia into a dev cheat sheet","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782152297559-pocz.png","2026-06-22T18:17:50.367827+00:00",{"id":53,"slug":54,"title":55,"cover_image":56,"image_url":56,"created_at":57,"category":13},"8047afc9-35a3-4ad1-8e62-2a8881027bc3","anthropic-robodog-test-physical-agentic-ai-en","Anthropic’s robodog test shows physical agentic AI is arriving","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782136968972-srd9.png","2026-06-22T14:02:22.977364+00:00",{"id":59,"slug":60,"title":61,"cover_image":62,"image_url":62,"created_at":63,"category":13},"354441d5-652c-4658-a446-14f101f5e084","rootly-benchmark-llama-4-trails-coding-models-en","Rootly benchmark: Llama 4 trails coding models","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782086567786-wz4t.png","2026-06-22T00:02:22.751682+00:00",{"id":65,"slug":66,"title":67,"cover_image":68,"image_url":68,"created_at":69,"category":13},"569999a1-0afb-46a6-929a-2c9089682668","8tai-jiqiren-ziji-zuo-shiyan-en","8台机器人怎么自己做实验","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782073087231-rcfn.png","2026-06-21T20:17:41.340146+00:00",{"id":71,"slug":72,"title":73,"cover_image":74,"image_url":74,"created_at":75,"category":13},"8cdb1cdd-1014-4c4c-9ea3-63dc78301524","xtragpt-paper-revision-human-ai-collaboration-en","XtraGPT lets you revise papers with control","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782066795284-78ju.png","2026-06-21T18:32:49.655317+00:00",[77,82,87,92,97,102,107,112,117,122],{"id":78,"slug":79,"title":80,"created_at":81},"a2715e72-1fe8-41b3-abb1-d0cf1f710189","ai-predictions-2026-big-changes-en","AI Predictions for 2026: Brace for Big Changes","2026-03-26T01:25:07.788356+00:00",{"id":83,"slug":84,"title":85,"created_at":86},"8404bd7b-4c2f-4109-9ec4-baf29d88af2b","ml-papers-of-the-week-github-research-desk-en","ML Papers of the Week Turns GitHub Into a Research Desk","2026-03-27T01:11:39.480259+00:00",{"id":88,"slug":89,"title":90,"created_at":91},"87897a94-8065-4464-a016-1f23e89e17cc","ai-ml-conferences-to-watch-in-2026-en","AI\u002FML Conferences to Watch in 2026","2026-03-27T01:51:54.184108+00:00",{"id":93,"slug":94,"title":95,"created_at":96},"6f1987cf-25f3-47a4-b3e6-db0997695be8","openclaw-agents-manipulated-self-sabotage-en","OpenClaw Agents Can Be Manipulated Into Failure","2026-03-28T03:03:18.899465+00:00",{"id":98,"slug":99,"title":100,"created_at":101},"a53571ad-735a-4178-9f93-cb09b699d99c","vega-driving-language-instructions-en","Vega: Driving with Natural Language Instructions","2026-03-28T14:54:04.698882+00:00",{"id":103,"slug":104,"title":105,"created_at":106},"a34581d6-f36e-46da-88bb-582fb3e7425c","personalizing-autonomous-driving-styles-en","Drive My Way: Personalizing Autonomous Driving Styles","2026-03-28T14:54:26.148181+00:00",{"id":108,"slug":109,"title":110,"created_at":111},"2bc1ad7f-26ce-4f02-9885-803b35fd229d","training-knowledge-bases-writeback-rag-en","Training Knowledge Bases with WriteBack-RAG","2026-03-28T14:54:45.643433+00:00",{"id":113,"slug":114,"title":115,"created_at":116},"71adc507-3c54-4605-bbe2-c966acd6187e","packforcing-long-video-generation-en","PackForcing: Efficient Long-Video Generation Method","2026-03-28T14:55:02.646943+00:00",{"id":118,"slug":119,"title":120,"created_at":121},"675942ef-b9ec-4c5f-a997-381250b6eacb","pixelsmile-facial-expression-editing-en","PixelSmile Framework Enhances Facial Expression Editing","2026-03-28T14:55:20.633463+00:00",{"id":123,"slug":124,"title":125,"created_at":126},"6954fa2b-8b66-4839-884b-e46f89fa1bc3","adaptive-block-scaled-data-types-en","IF4: Smarter 4-Bit Quantization That Adapts to Your Data","2026-03-31T06:00:36.65963+00:00"]