Close Menu
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private

July 4, 2026

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

July 4, 2026

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

July 4, 2026
Facebook X (Twitter) Instagram
Sunday, July 5
Facebook X (Twitter) Instagram Pinterest Vimeo
Cyberwire Daily
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice
Cyberwire Daily
Home»News»Warning Over “Industrialized” Cyber-Attacks by Ransomware Gang
News

Warning Over “Industrialized” Cyber-Attacks by Ransomware Gang

Team-CWDBy Team-CWDJuly 3, 2026No Comments3 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email


A ransomware group and a cyber-criminal gang which specializes in stealing credentials through supply chain attacks have teamed up in a move which what has been described by cybersecurity researchers as an “unprecedented model of industrialized ransomware.”

As detailed by Sophos, the collaboration is between the Vect ransomware group and TeamPCP, a group associated with The Com, a collective of English-speaking cyber criminals behind a series of high-profile supply chain attacks.

In a blog post, published on July 2, Sophos warned that the combination of a convergence of TeamPCP’s large-scale supply chain credential theft, which particularly targets developers, alongside Vect’s ransomware-as-a-service service operation represents a “meaningful shift in the ransomware threat landscape”.

The result is that any organization which has had login credentials stolen by TeamPCP could be at additional risk of also falling victim to a ransomware attack by Vect.

Both groups have history of working with other cybercriminal operations. Vect only emerged at the end of 2025, but by early 2026 it had come to an agreement to partner up with BreachForums, the cybercriminal hacking forum. Meanwhile, TeamPCP has previously worked with extortion gangs including the notorious Lapsus$ group.

However, the partnership between TeamPCP and Vect could be particularly potent, given the large number of accounts compromised by TeamPCP. For example, in March 2026, TeamPCP targeted Aqua Security’s Trivy vulnerability scanner, which resulted in the compromise of 10,000 CI and CD workflows and the theft of over 500,000 login credentials, including cloud tokens.

Read More: Why Ransomware Remains One of Cybersecurity’s Most Persistent and Costly Threats

Sophos researchers noted that at least one verified Vect ransomware deployment using TeamPCP-sourced credentials has been confirmed

“Threat groups are increasingly operating like businesses, collaborating to combine respective specialist capabilities and build new attack pipelines. As AI becomes increasingly accessible, we expect the ransomware landscape to industrialise even faster, lowering the barrier to entry by automating much of the work involved in launching attacks,” said Rafe Pilling, director of threat intelligence, Sophos X-Ops Counter Threat Unit (CTU). 

The research on the cybercriminal partnership was published the same day the FBI issued a FLASH warning about the activity of TeamPCP.

“TeamPCP actors have conducted large-scale software supply chain compromises by targeting widely used developers and security tools, gaining access to victim environments and extracting sensitive data, including but not limited to cloud access tokens, SSH keys, and Kubernetes secrets,” the FBI alert said.

The FBI also detailed some of malware and infostealers known to be associated with TeamPCP campaigns. These include CanisterWorm, Sandclock, the self-replicating worm Mini Shai-Hulud, which targets open source repositories, and Miasma, a variant of Mini Shai-Hulud.

With TeamPCP’s focus on compromising software supply chains, plus the partnership with Vect ransomware group, Sophos warned that it is crucial for organizations to ensure they are as well protected as possible against their combined threat.

“The software development environment has quietly become one of the most consequential and least governed attack surfaces in the enterprise,” said Pilling.

“Organizations must shift to a posture where they are able to quickly assess exposure and respond to supply chain attacks. It’s crucial that they carefully verify the integrity and safety of third-party updates before deploying them across their environment,” he added.



Source

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleMicrosoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts
Next Article 236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers
Team-CWD
  • Website

Related Posts

News

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private

July 4, 2026
News

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

July 4, 2026
News

Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

July 4, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views

Why SOC Burnout Can Be Avoided: Practical Steps

November 14, 20259 Views

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

December 1, 20258 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views
Our Picks

What’s at stake if your employees post too much online

December 1, 2025

What to consider before asking an AI chatbot for health advice

May 27, 2026

In memoriam: David Harley

November 12, 2025

Subscribe to Updates

Get the latest news from cyberwiredaily.com

Facebook X (Twitter) Instagram Pinterest
  • Home
  • Contact
  • Privacy Policy
  • Terms of Use
  • California Consumer Privacy Act (CCPA)
© 2026 All rights reserved.

Type above and press Enter to search. Press Esc to cancel.