<img height="1" width="1" style="display: none" alt="" src="https://px.ads.linkedin.com/collect/?pid=1098858&amp;fmt=gif">

Ransomware Gang Teams Up With Supply Chain Hackers in "Industrialized" Attack Model

Sophos warns of a dangerous alliance between ransomware group Vect and credential-theft gang TeamPCP, escalating cyber threats.
Content Team

Cybersecurity firm Sophos is warning of a dangerous new partnership between ransomware group Vect and TeamPCP, a credential-theft gang tied to the English-speaking Com collective. The collaboration, detailed in a July 2 blog post, combines TeamPCP's large-scale supply chain attacks with Vect's ransomware-as-a-service operation.

The threat is real — Sophos confirmed at least one Vect ransomware deployment using TeamPCP-stolen credentials. In March 2026, TeamPCP compromised 10,000 CI/CD workflows and stole over 500,000 login credentials via Aqua Security's Trivy scanner. The FBI issued a simultaneous FLASH warning, flagging TeamPCP malware including CanisterWorm, Sandclock, and the self-replicating worm Mini Shai-Hulud.

Source: Infosecurity Magazine

Share this article
Share on facebook Share on linkedin Share on twitter Share on email
blog_book_a_demo_cta_3x
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo