SITREP: Multiple official SAP npm packages have been compromised in a supply-chain attack attributed to TeamPCP, aimed at stealing credentials and authentication tokens from developers' systems. This incident highlights vulnerabilities in software supply chains.

TACTICAL ASSESSMENT: The compromise of official npm packages poses a significant risk to developers and organizations relying on SAP software, potentially leading to unauthorized access and data breaches. This incident underscores the need for enhanced security measures in software development and distribution.

PROJECTED VECTORS: Further attacks may occur as threat actors exploit similar vulnerabilities in other software packages.