EarlyNarratives
Pricing
Start free trialSign in
Start free trialSign in
Storyline

TeamPCP supply chain campaign expands with new PyPI compromise and ransomware ties

The TeamPCP supply chain campaign has broadened beyond the initial Checkmarx report, now including a PyPI compromise via Telnyx and a partnership with the Vect ransomware affiliate program. The campaign has entered a monetization phase with no new compromises detected in the past 48 hours.

Current brief openSource links open
This current storyline is open here with summary, metadata, source links, continuity context, and full evidence. Paid is for compare-over-time, alerts, exports, and workflow.
BackEvidence (2)Get the free brief by emailStart free trial
No card needed for the free brief.
Evidence trail (top sources)
top sources (1 domains)domains are deduped. counts indicate coverage, not truth.
1 top source shown
limited source diversity in top sources
View all evidence
Overview

The TeamPCP supply chain campaign has broadened beyond the initial Checkmarx report, now including a PyPI compromise via Telnyx and a partnership with the Vect ransomware affiliate program. The campaign has entered a monetization phase with no new compromises detected in the past 48 hours.

Score total
1.24
Momentum 24h
2
Posts
2
Origins
2
Source types
2
Duplicate ratio
0%
Why now
  • Recent updates confirm expansion of TeamPCP campaign scope and new attack vectors.
  • No new compromises in 48 hours suggest a shift to monetization, indicating active threat actor operations.
  • CISA KEV entry and published detection tools provide timely resources for defenders.
Why it matters
  • Supply chain compromises can lead to widespread impact across dependent software ecosystems.
  • Early detection and response tools help mitigate damage from ongoing campaigns.
  • Awareness of campaign evolution aids in prioritizing security audits and monitoring.
Continuity snapshot
  • Trend status: insufficient_history.
  • Continuity stage: emerging_confirmed.
  • Current status: open.
  • 2 current source-linked posts are attached to this storyline.
All evidence
All evidence
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: -Duplicates: -
Showing 2 / 0
Top publishers (this list)
  • isc.sans.edu (1)
  • blueteamsec Reddit community (via Reddit) (1)
Top origin domains (this list)
  • Unknown (2)