TeamPCP continues its string of supply chain attacks, and announces a partnership with Vect ransomware group.

Unit42 is a cybersecurity research team known for its  analysis of cyber threats, malware, and cyber attack trends. Through research reports, threat intelligence briefings, and data analysis, Unit42 offers insights into emerging cyber threats and adversary tactics. Readers can learn about threat detection methodologies, vulnerability trends, and cyber attack attribution to enhance their cybersecurity posture and protect their organizations from advanced cyber threats.

Unit 42

Between February and March 2026, threat group TeamPCP executed a multi-stage supply chain attack targeting widely used open-source security tools including Aqua Security Trivy, Checkmarx KICS, BerriAI LiteLLM, and the Telnyx Python SDK. Attackers compromised GitHub Actions workflows and PyPI publishing tokens to inject infostealer payloads that silently exfiltrated cloud access tokens, SSH keys, Kubernetes secrets, and LLM API keys. The operation evolved through three payload versions, culminating in CanisterWorm — a self-replicating worm with a decentralized ICP-based C2 and a destructive wiper component. Using harvested tokens, TeamPCP infected 48 additional npm packages in under 60 seconds. Estimated impact includes over 300 GB of exfiltrated data and credentials from 500,000 machines. The group has announced a partnership with the Vect ransomware group and publicly claimed 16 victim organizations. Mitigation guidance covers SBOM visibility, CI/CD policy hardening, and auditing of GitHub PATs and cloud credentials.

Weaponizing the Protectors: TeamPCP’s Multi-Stage Supply Chain Attack on Security Infrastructure

Palo Alto Networks Product Protections for TeamPCP’s Multi-Stage Supply Chain Attack