top of page
perceptive_background_267k.jpg

TeamPCP is partnering with ransomware group Vect to turn open source supply chain attacks on tools like Trivy and LiteLLM into large-scale ransomware operations…

Published:

26 maart 2026 om 16:45:21

Alert date:

26 maart 2026 om 20:02:56

Source:

socket.dev

Click to open the original link from this advisory

Supply Chain & Dependencies, Ransomware & Malware, Security Tools

TeamPCP has partnered with the Vect ransomware group to leverage open source supply chain compromises for large-scale ransomware operations. The partnership targets security tools like Trivy and LiteLLM, using supply chain attacks as entry points for coordinated ransomware campaigns. Vect is offering affiliation keys to all BreachForums members, potentially creating over 300,000 ransomware affiliates. TeamPCP has already exfiltrated approximately 300 GB of compressed credentials from CI/CD pipelines. The attacks represent a significant shift toward targeting open source infrastructure and developer tools to gain enterprise access.

Technical details

TeamPCP has partnered with Vect ransomware group to leverage supply chain compromises for ransomware operations. The attacks target open source security tools including Trivy and LiteLLM through cross-ecosystem supply chain attacks involving GitHub Actions, OpenVSX extensions, Docker images, and npm and PyPI packages. Vect operates as a ransomware-as-a-service (RaaS) model where affiliates earn 80-88% of profits. The group is distributing affiliation keys to 300k+ BreachForums members to expand potential affiliates. TeamPCP has exfiltrated approximately 300 GB of compressed credentials including tokens and secrets from CI/CD pipelines, with the LiteLLM compromise alone linked to hundreds of thousands of stolen credentials. Supply chain compromises are used as entry points for coordinated ransomware campaigns rather than standalone data theft.

Mitigation steps:

Individuals and organizations that maintain open source tools need to understand the capabilities of TeamPCP in compromising supply chains and extracting credentials at scale. Anything in CI/CD environments that isn't locked down needs attention. Security scanners, IDE extensions, build tooling, and execution environments should be treated as potential entry points since they are granted broad access and attackers are targeting the tools themselves. All components running in CI/CD pipelines should be secured and monitored.

Affected products:

Trivy
LiteLLM
GitHub Actions
OpenVSX extensions
Docker images
npm packages
PyPI packages
CI/CD pipelines

Related links:

https://socket.dev/blog/teampcp-targeting-security-tools-across-oss-ecosystem
https://flare.io/learn/resources/blog/vect-raas-ransomware-esxi-vmware-enterprise
https://x.com/vxunderground/status/2036993405234893152

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page