Theme:
Light Dark Auto
GeneralTop StoriesPoliticsBusinessEconomyTechnologyInternationalEnvironmentScienceSportsHealthEducationEntertainmentLifestyleCultureCrime & LawTravel & TourismFood & RecipesFact CheckReligion
TECHNOLOGY
Negative Sentiment

Global cybercrime groups forge industrial ransomware alliance

Read, Watch or Listen

Global cybercrime groups forge industrial ransomware alliance
Media Bias Meter
Sources: 2
Center 100%
Sources: 2

London – On July 2, 2026, the Sophos Counter Threat Unit published a detailed threat intelligence report describing a formal operational partnership between the Vect ransomware group and the credential-harvesting collective TeamPCP, also known in criminal forums as PCPcat, ShellForce and DeadCatx3. Researchers state that the alliance creates an industrialized ransomware model by pairing TeamPCP’s large-scale supply chain credential theft operations with Vect’s automated ransomware deployment infrastructure. According to Sophos, this coordination allows attackers to move quickly from the compromise of software development environments to the mass delivery of ransomware, increasing both the speed and scale of extortion campaigns. London – The report highlights TeamPCP’s role in high-profile supply chain intrusions, including a March 2026 campaign that targeted Aqua Security’s Trivy vulnerability scanner. That attack led to the compromise of more than 10,000 continuous integration and continuous delivery workflows and the theft of over 500,000 login credentials, such as cloud tokens and API keys. Sophos notes that TeamPCP has also collaborated with other major extortion groups, including Lapsus$, and previously ran its own CipherForce ransomware. Vect, a rapidly growing ransomware-as-a-service operation that began recruiting affiliates on the Russian-language Rehub forum on December 31, 2025, claimed its first victims in January 2026 and released its Vect 2.0 variant in February.

Prepared by Jonathan Pierce and reviewed by editorial team.

Timeline of Events

  • Dec 31 2025 Vect begins recruiting ransomware affiliates
  • Jan 2026 Vect claims first ransomware victims
  • Feb 2026 Vect 2.0 ransomware version released
  • Mar 2026 TeamPCP targets Aqua Security Trivy
  • Mar 2026 Over 10,000 CI/CD workflows compromised
  • Mar 2026 More than 500,000 credentials reportedly stolen
  • Previously TeamPCP collaborates with Lapsus$ extortion group
  • Jul 2 2026 Sophos discloses Vect–TeamPCP partnership

Why This Matters to You

This new cybercrime alliance means faster, larger-scale ransomware attacks. Your personal or business data could be at risk. It's crucial to keep your software updated and use strong, unique passwords. Consider using a password manager.

The Bottom Line

Cybersecurity isn't just for techies anymore. With groups like Vect and TeamPCP joining forces, the threat is real and growing. Stay vigilant with your digital hygiene. Worth forwarding if you know someone who's lax about updates or passwords.

Media Bias
Articles Published:
1
Right Leaning:
0
Left Leaning:
0
Neutral:
1

Who Benefited

Not specified in source.

Who Impacted

Not specified in source.

Media Bias
Articles Published:
1
Right Leaning:
0
Left Leaning:
0
Neutral:
1
Distribution:
Left 0%, Center 100%, Right 0%
Who Benefited

Not specified in source.

Who Impacted

Not specified in source.

Coverage of Story:

From Left

No left-leaning sources found for this story.

From Center

Global cybercrime groups forge industrial ransomware alliance

JQJO
From Right

No right-leaning sources found for this story.

Related News

Comments

JQJO App
Get JQJO App
Read news faster on our app
GET