Official SAP npm packages compromised to steal credentials

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal credentials and authentication tokens from developers' systems.

what's affectedOfficial SAP npm packages compromised to steal credentials

mitigation statusMonitoring updates

first reportedApr 29, 2026

social pulse

mentions (24h)1039

velocitytrend flat

mentions delta+0% vs prior snapshot

platform splitX 2% · Reddit 0% · GitHub 98%

keywords

packagelitellmcredentials

x analyticsheat 37 (flat)

authors 18verified 0%

likes87

retweets40

replies2

quotes5

summaryLive chatter is accelerating; analysts are actively validating impact.

discussion

0 comments

Loading comments…

sources

https://www.bleepingcomputer.com/news/security/official-sap-npm-packages-compromised-to-steal-credentials/

Curated Apr 29, 2026 by the ahackaday team./Sources verified./Brief grounded in 1 source.

Grace Your AI security internreadyGrace is ready

Grounded in this brief only — Official SAP npm packages compromised to steal credentials. Press ⌘K any time.

You're answering aschange anytime

Pick a playor type your own ↓

Tone

Pick a play above, or type your question

Generate an answer and Grace will return a grounded response for this incident.

scanning advisory feeds…