TeamPCP’s operations center on abusing unauthenticated or weakly protected orchestration and management interfaces rather than exploiting traditional endpoints. Initial access is achieved via exposed Docker and Kubernetes APIs, vulnerable React/Next.js applications (CVE-2025-2...

TeamPCP’s operations center on abusing unauthenticated or weakly protected orchestration and management interfaces rather than exploiting traditional endpoints. Initial access is achieved via exposed Docker and Kubernetes APIs, vulnerable React/Next.js applications (CVE-2025-2...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/teampcp-cloud-native-campaign-targeting-exposed-control-planes