TeamPCP has partnered with ransomware group Vect after exfiltrating ~300GB of credentials from CI/CD environments, targeting open source supply chains.

“We will chain these compromises into devastating follow-on ransomware campaigns.”

Details → https://socket.dev/blog/teampcp-partners-with-vect-targeting-oss-supply-chains