What is the TeamPCP supply chain campaign?

TeamPCP compromised security tools like Aqua and Checkmarx to harvest 300GB of credentials, now monetizing via ransomware and breaches.

Is Databricks compromised by TeamPCP?

Under investigation—no official confirmation, but playbook-matching screenshots suggest potential downstream exposure via stolen creds.

Should I worry about CipherForce ransomware?

Yes—it's TeamPCP's proprietary op alongside Vect. Add its IOCs, especially the shared RSA-4096 key, to your feeds.

☁️ Cloud Security

TeamPCP's Supply Chain Onslaught Hits Databricks, Splits Ransomware Into Two Deadly Tracks

Databricks is scrambling to verify a potential TeamPCP breach, while the group unleashes dual ransomware tracks and dumps AstraZeneca data for free. This isn't just another hack—it's a monetization masterclass.

Threat Digest Apr 03, 2026 4 min read 10 views

TeamPCP supply chain campaign timeline with Databricks, ransomware tracks, and AstraZeneca icons

⚡ Key Takeaways

Databricks probes TeamPCP-linked breach; rotate creds if CI/CD exposed. 𝕏
TeamPCP runs CipherForce (direct) and Vect (affiliates) ransomware tracks. 𝕏
AstraZeneca 3GB data dumped free by LAPSUS$ after failed sale. 𝕏

Published by

Threat Digest

Threat intelligence. Zero noise.

#AstraZeneca breach #CipherForce ransomware #Databricks breach #Databricks compromise #TeamPCP #supply chain attack

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by SANS Internet Storm Center

⚡ Key Takeaways

The 60-Second TL;DR

Threat Digest

Share this article

Worth sharing?

Related Stories

TeamPCP's Ruthless Hijack of Security Scanners: 500K Machines, 300GB Stolen

EU Cloud Hack: Stolen AWS Key Exposes 30 Entities' Secrets

North Korean Hackers' Slick Slack Trick: Inside the Axios npm Compromise

Mercor Breach Exposes TeamPCP's LiteLLM Rampage in Real Time

Stay in the loop