TeamPCP is partnering with ransomware group Vect to turn open source supply chain attacks on tools like Trivy and LiteLLM into large-scale ransomware ...

Socket

TeamPCP, the threat actor behind recent supply chain attacks on Trivy, LiteLLM, and other open source tools, has announced a partnership with ransomware group Vect to escalate compromises into large-scale ransomware operations. The group is leveraging BreachForums to distribute affiliate keys to over 300,000 members, dramatically expanding their attack capacity. Having already exfiltrated roughly 300 GB of credentials from CI/CD pipelines, TeamPCP is now operationalizing that access for follow-on ransomware campaigns. Security researchers note a massive shift toward targeting open source ecosystems, with AI lowering the barrier to building and deploying malware at scale. CI/CD tools, security scanners, and IDE extensions are highlighted as high-risk entry points due to their broad access within enterprise environments.

TeamPCP Partners With Ransomware Group Vect to Target Open S...

Leveraging Supply Chain Compromise for Ransomware Deployment #

Open Source Infrastructure Is Now a Primary Target #