
SANS Stormcast Monday, April 6th, 2026: TeamPCP Update and Axios Post Mortem; Fortinet 0-Day
Hello and welcome to the Monday, April 6, 2026 edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich, recording today from Jacksonville, Florida, and this episode is brought to you by the SANS.edu Graduate Certificate Program in Incident Response.

Well, let's start today with a quick update on the TeamPCP and Axios events from the last two weeks. First of all, on TeamPCP, there's another update and summary of what was new: a couple more systems and organizations that announced they were breached. However, it looks like for almost two weeks now or so we don't really have any new compromise that is attributed to TeamPCP. These are systems that were compromised in the initial wave and have just now become known as compromised. There are also a number of links to write-ups and such with additional details about the malware and basically what exactly happened here, what was exfiltrated. A couple of websites have assembled lists of compromised organizations, but one word of caution here: they're probably rather incomplete, and there are a lot more compromised organizations out there.

One organization that apparently was not compromised by TeamPCP was Axios, and we now have a postmortem here by Axios with additional details. I originally thought it was related to TeamPCP because it made sense, the type of compromise and of course the timing, but apparently this was completely independent from TeamPCP and the Trivi exploit and all of that. Well, we now know it was actually pretty much social engineering, and some of the better social engineering. The lead developer of Axios, who is responsible for the particular npm package that was compromised, was tricked into joining a video call with some, well, as it turned out in hindsight, fake company. This company was apparently run by some North Korean actors, and it went to quite a bit of length to actually introduce itself. So the entire compromise started about two weeks earlier.

And then during the video call, or just before it, there was a fake error message that basically tricked Jason here into installing malware. This is sort of a little bit of a tricky lesson to get across. And yes, you could say, hey, you know, don't update anything during a video call, but I know myself: you get a link to a video call, whether it's Teams, Zoom, whatever; there are about half a dozen different video call software packages people routinely use. You yourself may be using one or two fairly regularly, but then you get that link to the call, you click on the link, and it tells you, hey, your copy of the video software that you haven't really used in quite a while needs updating before you can join that call. So some social engineering like this is really hard not to fall for.

Now there's also an updated, a little bit more accurate, timeline of what happened here with the Axios npm package. It was actually detected very quickly, particularly after they released the compromised 00:30 version. Within a couple of minutes it was identified as compromised, and sort of the incident response started. It took quite a while, and quite a while is still relatively short, like a couple of hours, to then actually get it out of the npm registry. So that was a little bit of the delay here in the incident response. Still amazingly fast compared to most other similar events that happened in the past.

And with TeamPCP no longer being sort of at the top of the news, I'm going to go back to not really covering every single compromised npm package. But just as a reminder that there's still plenty of that happening, we have a blog post by SafeDEP IO. They're talking about a number of compromised packages related to the CMS Strapi. They claim to be extensions for it and offer various features, at least that's what the description says. These don't impersonate any well-known developers, but really are just looking for people who are trying to supplement their npm packages for Strapi.

And well, in case you're running out of things to do, just ask your organization to use more Fortinet devices, because they published an urgent advisory this weekend. On Saturday, this advisory released a new hotfix for FortiClient EMS. And apparently the vulnerability being addressed with this hotfix is already being exploited in the wild, and it does allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. That's all it says here. And there will be an upcoming release that will also include this patch.

Well, and this is it for today. Thanks for listening, thanks for liking, thanks for subscribing, and as always, talk to you again tomorrow. Bye.
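The episode's practical takeaway on both the Axios compromise and the Strapi packages is that a bad version can already sit in your lockfile, possibly more than once, by the time it is pulled from the registry. The following is an added example (not code from the Stormcast episode, the Internet Storm Center, Axios or SafeDep) showing how to audit an npm `package-lock.json` (lockfileVersion 2 or 3, which carry a `packages` map) against a known-bad name/version list, catching nested copies installed under `node_modules/<a>/node_modules/<b>`, and how to flag entries whose tarball did not resolve to the public registry. The blocklist entries, package names, versions and URLs are constructed for illustration and are not real compromised packages.

```javascript
// Added example, not from the Stormcast episode or any project it mentions.
// Audits an npm lockfile (lockfileVersion 2/3 "packages" map) for:
//   1. name/version pairs on a known-bad list, including nested installs
//   2. entries whose tarball did not come from an allowed registry
// All package names, versions and URLs below are constructed, not real.

// Hypothetical blocklist: package name -> set of versions flagged as compromised.
const BLOCKLIST = {
  "example-http-client": new Set(["1.2.3"]),
  "example-strapi-plugin-seo": new Set(["0.1.0", "0.1.1"]),
};

const PUBLIC_REGISTRY = "https://registry.npmjs.org/";

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function nameFromPath(path) {
  const marker = "node_modules/";
  const idx = path.lastIndexOf(marker);
  return idx === -1 ? path : path.slice(idx + marker.length);
}

// Walk every installed entry (skipping the "" root project entry and workspace
// symlinks) and return those whose name/version pair is on the blocklist.
function findBlocklisted(lockfile, blocklist = BLOCKLIST) {
  const hits = [];
  for (const [path, meta] of Object.entries(lockfile.packages || {})) {
    if (path === "" || meta.link) continue;
    const name = meta.name || nameFromPath(path);
    const bad = blocklist[name];
    if (bad && bad.has(meta.version)) {
      hits.push({ path, name, version: meta.version, resolved: meta.resolved || null });
    }
  }
  return hits;
}

// Lockfile tampering check: every installed entry should resolve to a registry
// you explicitly allow. Git/URL dependencies and internal mirrors land here
// and deserve a manual look.
function findOffRegistry(lockfile, allowed = [PUBLIC_REGISTRY]) {
  const out = [];
  for (const [path, meta] of Object.entries(lockfile.packages || {})) {
    if (path === "" || meta.link) continue;
    const resolved = meta.resolved || "";
    if (!allowed.some((prefix) => resolved.startsWith(prefix))) {
      out.push({ path, resolved: resolved || null });
    }
  }
  return out;
}

function auditLockfile(lockfile) {
  return { blocklisted: findBlocklisted(lockfile), offRegistry: findOffRegistry(lockfile) };
}

// Constructed sample lockfile (not a real project). The blocklisted 1.2.3 is
// installed twice: at top level and nested under "some-lib"; "other-lib" pins
// an older 1.2.2 that is not on the list.
const SAMPLE_LOCKFILE = {
  name: "demo-app",
  version: "1.0.0",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0", dependencies: { "example-http-client": "^1.2.0" } },
    "node_modules/example-http-client": {
      version: "1.2.3",
      resolved: "https://registry.npmjs.org/example-http-client/-/example-http-client-1.2.3.tgz",
    },
    "node_modules/some-lib": {
      version: "4.0.0",
      resolved: "https://registry.npmjs.org/some-lib/-/some-lib-4.0.0.tgz",
      dependencies: { "example-http-client": "1.2.3" },
    },
    "node_modules/some-lib/node_modules/example-http-client": {
      version: "1.2.3",
      resolved: "https://registry.npmjs.org/example-http-client/-/example-http-client-1.2.3.tgz",
    },
    "node_modules/other-lib": {
      version: "2.0.0",
      resolved: "https://registry.npmjs.org/other-lib/-/other-lib-2.0.0.tgz",
      dependencies: { "example-http-client": "1.2.2" },
    },
    "node_modules/other-lib/node_modules/example-http-client": {
      version: "1.2.2",
      resolved: "https://registry.npmjs.org/example-http-client/-/example-http-client-1.2.2.tgz",
    },
    "node_modules/example-strapi-plugin-seo": {
      version: "0.1.1",
      resolved: "https://mirror.example.internal/example-strapi-plugin-seo-0.1.1.tgz",
    },
  },
};

console.log(JSON.stringify(auditLockfile(SAMPLE_LOCKFILE), null, 2));
```

To run this against a real project, replace `SAMPLE_LOCKFILE` with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` and fill `BLOCKLIST` from the advisories you trust. Two caveats: lockfileVersion 1 files have no `packages` map (they nest `dependencies` instead) and are not handled here, and a clean lockfile only proves what is pinned, not what was installed on a developer's machine from an unpinned `npm install` in the window before the bad version was removed.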
A concise update on critical developments in cybersecurity over the past two weeks, with a special focus on the TeamPCP threat actor campaign, the Axios supply chain attack post-mortem, and a new Fortinet 0-day vulnerability. Host Johannes B. Ullrich delivers actionable intelligence for practitioners and defenders, clarifying recent incidents and providing practical lessons learned.
On Social Engineering’s Power:
“Some social engineering like this is really hard not to fall for.” — Johannes B. Ullrich [02:01]
On Awareness of Ongoing npm Threats:
“I’m going to go back to not really covering every single compromised NPM package. But just as a reminder that there’s still plenty of that happening…” — Johannes B. Ullrich [03:21]
On Fast Response but Persistent Risk:
“Still amazingly fast compared to most other similar events that happened in the past.” — Johannes B. Ullrich [02:59]
For more details, check the referenced SafeDEP IO blog and Fortinet’s advisory as discussed.