Find notable cyber news and cases, enriched with sources, timelines, and signals.

Vect and TeamPCP industrialize ransomware through a supply-chain credential-theft alliance

Threat Actor Meta
First reported
Last updated
Happening score
H score 67
1 unique sources, 1 articles

Summary

Hide ▲

Vect and TeamPCP formed a new ransomware-as-a-service partnership that combines supply-chain credential theft with extortion, expanding the risk of follow-on attacks against compromised developer environments. The alliance creates an industrialized ransomware pipeline that can turn stolen access into faster and broader victimization.

Related Happenings

The Gentlemen ransomware group’s 90/10 RaaS model and rapid victim growth

Threat Actor Meta
H score26 First: 10.06.2026 17:03 Last: 10.06.2026 17:03 Sources 1

About this happening: **The Gentlemen** ransomware group has become a high-volume **RaaS** operation, using a **90/10 affiliate split** to attract operators and expand its reach. The group now ranks as...

Silent Ransom Group shifts from Conti-linked ransomware participation to standalone data-theft extortion

Threat Actor Meta
H score21 First: 07.06.2026 17:09 Last: 07.06.2026 17:09 Sources 1

About this happening: **Silent Ransom Group (UNC3753)** is a **standalone data-theft extortion** actor that has operated separately since **2022** after the **Conti** shutdown, using stolen data and le...

TeamPCP and Vect partner to turn supply-chain compromises into ransomware follow-on campaigns

Threat Actor Meta
H score11 First: 31.03.2026 15:15 Last: 31.03.2026 15:15 Sources 1

About this happening: TeamPCP and **Vect ransomware group** are linking **supply-chain compromises** to **follow-on ransomware campaigns**, broadening extortion risk for affected organizations. The shi...

TeamPCP supply-chain credential-exploitation campaign

Campaign
H score34 First: 31.03.2026 15:15 Last: 31.03.2026 15:15 Sources 1

About this happening: The **TeamPCP** campaign now includes a confirmed **GitHub** compromise tied to a poisoned **Nx Console VS Code extension**. GitHub said the breach of its internal repositories ca...

Latest development: 12.05.2026 01:03

TeamPCP compromised the Checkmarx Jenkins AST plugin by publishing a rogue version to repo.jenkins-ci.org on May 9, 2026, outside the official release pipeline. The malicious upload was tied to access to Checkmarx GitHub repositories and was used to deliver credential-stealing malware and malicious code to the affected organization.

Beast ransomware group’s RaaS model and shared TTPs exposed through an open server

Threat Actor Meta
H score37 First: 20.03.2026 18:31 Last: 20.03.2026 18:31 Sources 1

About this happening: An exposed **Beast ransomware group** server now shows its **RaaS operating model** and reusable toolset, complicating attribution across ransomware crews. The recovered materials...

Timeline

  1. 03.07.2026 14:30 2 articles · 6d ago

    Vect and TeamPCP industrialize ransomware through a supply-chain credential-theft alliance

    Initial Disclosure

    Vect and TeamPCP moved from separate criminal specialties to a shared extortion pipeline. The partnership links **stolen developer access** with **ransomware deployment**, broadening downstream victim risk.

    Show sources