{"id":2171,"date":"2026-03-27T15:00:41","date_gmt":"2026-03-27T15:00:41","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-supply-chain-campaign-update-002-telnyx-pypi-compromise-vect-ransomware-mass-affiliate-program-and-first-named-victim-claim-fri-mar-27th\/"},"modified":"2026-03-27T15:00:41","modified_gmt":"2026-03-27T15:00:41","slug":"teampcp-supply-chain-campaign-update-002-telnyx-pypi-compromise-vect-ransomware-mass-affiliate-program-and-first-named-victim-claim-fri-mar-27th","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-supply-chain-campaign-update-002-telnyx-pypi-compromise-vect-ransomware-mass-affiliate-program-and-first-named-victim-claim-fri-mar-27th\/","title":{"rendered":"TeamPCP Supply Chain Campaign: Update 002 &#8211; Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)"},"content":{"rendered":"<div>\n<p>This is the second update to the TeamPCP supply chain campaign threat intelligence report,\u00a0<a href=\"https:\/\/www.sans.org\/white-papers\/when-security-scanner-became-weapon\">&#8220;When the Security Scanner Became the Weapon&#8221;<\/a>\u00a0(v3.0, March 25, 2026). Update 001 covered developments through March 26. This update covers developments from March 26-27, 2026.<\/p>\n<h2 id=\"critical-telnyx-python-sdk-compromised-on-pypi----new-wav-steganography-ttp\">CRITICAL: Telnyx Python SDK Compromised on PyPI &#8212; New WAV Steganography TTP<\/h2>\n<p>TeamPCP compromised the\u00a0<a href=\"https:\/\/pypi.org\/project\/telnyx\/\">telnyx<\/a>\u00a0Python SDK (670,000+ monthly downloads) on PyPI, publishing malicious versions 4.87.1 and 4.87.2 at approximately 03:51 UTC on March 27, 2026. 
No corresponding GitHub releases or tags exist for these versions &#8212; the attacker used stolen PyPI credentials rather than a repository compromise.<\/p>\n<p>The most significant technical finding is a new TTP:\u00a0<strong>WAV audio file steganography<\/strong>. Payloads are embedded inside\u00a0<code>.wav<\/code>\u00a0files, which blend naturally with Telnyx&#8217;s purpose as a voice and telecom API provider. Platform-specific payloads are delivered:<\/p>\n<ul>\n<li><strong>Windows:<\/strong>\u00a0A persistent binary dropped to the Startup folder as\u00a0<code>msbuild.exe<\/code><\/li>\n<li><strong>Linux\/macOS:<\/strong>\u00a0A credential harvester following the same pattern as the LiteLLM compromise<\/li>\n<\/ul>\n<p>Forensic analysis by\u00a0<a href=\"https:\/\/www.aikido.dev\/blog\/telnyx-pypi-compromised-teampcp-canisterworm\">Aikido Security<\/a>,\u00a0<a href=\"https:\/\/research.jfrog.com\/post\/team-pcp-strikes-again-telnyx-popular-library-hit\/\">JFrog<\/a>, and\u00a0<a href=\"https:\/\/safedep.io\/malicious-telnyx-pypi-compromise\/\">SafeDep<\/a>\u00a0confirms the same RSA-4096 public key and\u00a0<code>tpcp.tar.gz<\/code>\u00a0exfiltration pattern seen in the LiteLLM compromise. Both malicious versions have been quarantined by PyPI.<\/p>\n<p><strong>Recommended action:<\/strong>\u00a0Check your Python environments and CI\/CD pipelines for telnyx versions 4.87.1 or 4.87.2. If found, treat all credentials accessible to that environment as compromised and rotate immediately. The last known-safe version is 4.87.0. Also search for\u00a0<code>.wav<\/code>\u00a0files in unexpected locations,\u00a0<code>msbuild.exe<\/code>\u00a0in Windows Startup folders, and outbound connections to known TeamPCP exfiltration domains.<\/p>\n<p>This confirms the &#8220;expansion to additional PyPI packages&#8221; watch item from Update 001. 
TeamPCP&#8217;s PyPI campaign is not limited to LiteLLM &#8212; they are actively working through stolen credentials to compromise additional high-value packages.<\/p>\n<h2 id=\"critical-teampcp-partners-with-vect-ransomware-and-breachforums-for-mass-affiliate-program\">CRITICAL: TeamPCP Partners with Vect Ransomware and BreachForums for Mass Affiliate Program<\/h2>\n<p>TeamPCP has formally partnered with the\u00a0<a href=\"https:\/\/www.halcyon.ai\/ransomware-alerts\/emerging-ransomware-group-vect\">Vect ransomware-as-a-service<\/a>\u00a0operation and BreachForums. Per\u00a0<a href=\"https:\/\/cybernews.com\/security\/litellm-hack-spawning-massive-cybercrime-alliance\/\">Cybernews<\/a>\u00a0and\u00a0<a href=\"https:\/\/www.infosecurity-magazine.com\/news\/researchers-warn-new-vect-raas\/\">Infosecurity Magazine<\/a>, the announcement states that all approximately 300,000 registered BreachForums users will receive personal Vect affiliate keys.<\/p>\n<p>The operational model: TeamPCP provides initial access via compromised supply chain packages and stolen credentials, Vect provides encryption and extortion tooling, and BreachForums provides the operator base.<\/p>\n<p>Analysts assess this represents a fundamental shift from supply chain credential theft to industrialized ransomware deployment. If even a small fraction of 300,000 users activate, this could become one of the largest coordinated ransomware affiliate mobilizations observed. The convergence of supply chain compromise, ransomware-as-a-service, and dark web forum mobilization at this scale is, to the best of our knowledge, unprecedented.<\/p>\n<p><strong>Recommended action:<\/strong>\u00a0Organizations that were exposed to any phase of the TeamPCP campaign (Trivy, Checkmarx, LiteLLM, Telnyx) should assume their stolen credentials may now be distributed to a large affiliate network. Credential rotation is no longer optional &#8212; it is urgent. 
Monitor for Vect ransomware indicators.<\/p>\n<h2 id=\"high-lapsus-claims-3gb-astrazeneca-breach-using-teampcp-credentials\">HIGH: LAPSUS$ Claims 3GB AstraZeneca Breach Using TeamPCP Credentials<\/h2>\n<p>LAPSUS$ is publicly claiming a 3GB breach of AstraZeneca, as reported by\u00a0<a href=\"https:\/\/www.securityweek.com\/extortion-group-claims-it-hacked-astrazeneca\/\">SecurityWeek<\/a>\u00a0and\u00a0<a href=\"https:\/\/www.csoonline.com\/article\/4149938\/trivy-supply-chain-breach-compromises-over-1000-saas-environments-lapsus-joins-the-extortion-wave.html\">CSO Online<\/a>. The claimed data includes internal code repositories, cloud infrastructure configurations (AWS, Azure, Terraform), Spring Boot configs, GitHub Enterprise user information, and employee data. LAPSUS$ is selling access via Session encrypted messaging.<\/p>\n<p>This is the\u00a0<strong>first named victim claim<\/strong>\u00a0from the TeamPCP\/LAPSUS$ partnership, confirming the &#8220;named victim breach disclosures&#8221; watch item from Update 001. AstraZeneca has not confirmed or denied the breach as of publication time.<\/p>\n<p><strong>Recommended action:<\/strong>\u00a0Organizations should not wait for public victim disclosures to take action. If you were exposed to any TeamPCP-compromised component, assume credential theft occurred and rotate proactively. The extortion timeline is accelerating.<\/p>\n<h2 id=\"high-litellm-ceos-personal-github-account-was-the-compromise-vector\">HIGH: LiteLLM CEO&#8217;s Personal GitHub Account Was the Compromise Vector<\/h2>\n<p><a href=\"https:\/\/www.reversinglabs.com\/blog\/teampcp-supply-chain-attack-spreads\">ReversingLabs<\/a>\u00a0has published new intelligence identifying the specific mechanism behind the LiteLLM PyPI compromise: TeamPCP compromised\u00a0<strong>Krish Dholakia&#8217;s personal GitHub account<\/strong>\u00a0(LiteLLM co-founder and CEO) on March 23-24. 
This was not a generic CI\/CD token sweep &#8212; the attacker specifically identified and targeted a named executive&#8217;s account from the stolen credential trove harvested during the Trivy\/Checkmarx phase.<\/p>\n<p>This detail refines the attack chain narrative. TeamPCP appears to be triaging stolen credentials for maximum impact, targeting package maintainers with PyPI publishing privileges rather than indiscriminately using every credential they harvested.<\/p>\n<h2 id=\"medium-cisa-kev-remediation-deadline-correction----april-8-not-april-3\">MEDIUM: CISA KEV Remediation Deadline Correction &#8212; April 8, Not April 3<\/h2>\n<p>Update 001 reported the CISA KEV remediation deadline for CVE-2026-33634 as April 3, 2026. The\u00a0<a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">official CISA KEV catalog entry<\/a>\u00a0shows the actual deadline is\u00a0<strong>April 8, 2026<\/strong>. This update corrects the previously reported date.<\/p>\n<p>Additionally,\u00a0<a href=\"https:\/\/www.helpnetsecurity.com\/2026\/03\/27\/cve-2026-33017-cve-2026-33634-exploited\/\">Help Net Security<\/a>\u00a0reports that CISA simultaneously added\u00a0<strong>CVE-2026-33017<\/strong>\u00a0(Langflow unauthenticated RCE, affecting versions prior to 1.8.2) alongside the Trivy CVE in the same KEV update. 
The pairing of two AI\/ML infrastructure tool vulnerabilities in a single KEV addition signals that CISA is treating AI toolchain supply chain security as a systemic risk category.<\/p>\n<p>Federal agencies now face remediation deadlines of April 8 for CVE-2026-33634 (Trivy) and April 9 for CVE-2026-33017 (Langflow).<\/p>\n<h2 id=\"info-litellms-compliance-certifications-performed-by-embattled-auditor\">INFO: LiteLLM&#8217;s Compliance Certifications Performed by Embattled Auditor<\/h2>\n<p><a href=\"https:\/\/techcrunch.com\/2026\/03\/26\/delve-did-the-security-compliance-on-litellm-an-ai-project-hit-by-malware\/\">TechCrunch<\/a>\u00a0reported on March 26 that LiteLLM&#8217;s SOC2 and ISO 27001 certifications were performed by Delve, a YC startup currently under scrutiny for allegations of &#8220;rubber-stamped&#8221; compliance audits. This intersection of two Silicon Valley scandals raises questions about the effectiveness of third-party compliance certifications in the AI\/ML supply chain ecosystem.<\/p>\n<h2 id=\"high-first-responder-publishes-full-attack-transcript-with-new-iocs\">HIGH: First Responder Publishes Full Attack Transcript With New IOCs<\/h2>\n<p><a href=\"https:\/\/futuresearch.ai\/blog\/litellm-attack-transcript\/\">FutureSearch<\/a>\u00a0has published the full forensic transcript from\u00a0<strong>Callum McMahon<\/strong>, the engineer who first discovered the compromised LiteLLM package and coordinated the PyPI quarantine on March 24. 
McMahon used Claude Code to perform real-time forensic analysis of the malicious\u00a0<code>litellm==1.82.8<\/code>\u00a0package in an isolated Docker environment, producing what is likely the most detailed public record of this attack&#8217;s execution.<\/p>\n<p>Key technical findings not previously documented in the campaign report:<\/p>\n<ul>\n<li><strong><code>.pth<\/code>\u00a0file exploitation:<\/strong>\u00a0The payload (<code>litellm_init.pth<\/code>, 34 KB) exploited Python&#8217;s automatic\u00a0<code>.pth<\/code>\u00a0site-packages execution, triggering on every Python interpreter startup &#8212; not just when LiteLLM was imported. This is a persistence mechanism that runs across all Python processes in the environment.<\/li>\n<li><strong>C2 domain:<\/strong>\u00a0<code>models.litellm.cloud<\/code>\u00a0&#8212; a typosquat of LiteLLM&#8217;s legitimate infrastructure, used for HTTPS exfiltration with RSA encryption.<\/li>\n<li><strong>Persistence path:<\/strong>\u00a0<code>~\/.config\/sysmon\/sysmon.py<\/code>\u00a0with systemd service registration. 
In McMahon&#8217;s case, the write was interrupted at 0 bytes by a forced reboot.<\/li>\n<li><strong>Kubernetes lateral movement:<\/strong>\u00a0The payload attempted to create privileged\u00a0<code>alpine:latest<\/code>\u00a0pods and harvest service account tokens from\u00a0<code>\/var\/run\/secrets\/kubernetes.io\/serviceaccount\/token<\/code>, using\u00a0<code>node-setup-*<\/code>\u00a0pod naming to blend with legitimate infrastructure.<\/li>\n<li><strong>Multi-cloud credential sweep:<\/strong>\u00a0A single payload targeted SSH keys, AWS\/GCP\/Azure credentials, Kubernetes tokens,\u00a0<code>.env<\/code>\u00a0files, database passwords, crypto wallets, and shell history simultaneously.<\/li>\n<li><strong>Accidental fork bomb:<\/strong>\u00a0The\u00a0<code>.pth<\/code>\u00a0auto-execution combined with subprocess spawning created exponential process multiplication &#8212; each child Python process re-triggered the payload, causing resource exhaustion that inadvertently exposed the attack.<\/li>\n<\/ul>\n<p>The 72-minute timeline from detection to public PyPI quarantine demonstrates how AI-assisted forensic analysis dramatically accelerated incident response. This transcript is highly instructive for defenders studying the attack mechanics and should be reviewed by any team performing forensic analysis of TeamPCP-compromised environments.<\/p>\n<p><strong>Recommended action:<\/strong>\u00a0Search environments for the C2 domain\u00a0<code>models.litellm.cloud<\/code>, the persistence path\u00a0<code>~\/.config\/sysmon\/sysmon.py<\/code>, unexpected\u00a0<code>.pth<\/code>\u00a0files in site-packages directories, and\u00a0<code>node-setup-*<\/code>\u00a0pods in Kubernetes clusters. 
These IOCs supplement the indicators in the parent report.<\/p>\n<h2 id=\"medium-github-announces-actions-security-roadmap-in-response-to-supply-chain-attacks\">INFO: GitHub Announces Actions Security Roadmap in Response to Supply Chain Attacks<\/h2>\n<p><a href=\"https:\/\/github.blog\/news-insights\/product-news\/whats-coming-to-our-github-actions-2026-security-roadmap\/\">GitHub<\/a>\u00a0has published a 2026 security roadmap for GitHub Actions that directly references the TeamPCP campaign. The blog post states: &#8220;incidents targeting projects like tj-actions\/changed-file, Nx, and trivy-action show a clear pattern: attackers are targeting CI\/CD automation itself.&#8221;<\/p>\n<p>The roadmap introduces three categories of controls that, if implemented at the time of the Trivy compromise, would have materially altered the attack surface:<\/p>\n<ul>\n<li><strong>Workflow dependency locking:<\/strong>\u00a0A new\u00a0<code>dependencies:<\/code>\u00a0section in workflow YAML pins all direct and transitive action references to immutable commit SHAs. Hash mismatches stop execution before jobs run. This directly addresses the tag-rewriting TTP that TeamPCP used to redirect 76 trivy-action tags and all 91 ast-github-action tags to malicious commits. Public preview in 3-6 months.<\/li>\n<li><strong>Policy-driven execution controls:<\/strong>\u00a0Rulesets-based policies that restrict which actors can trigger workflows, which events are permitted, and which execution contexts can access secrets. Scoped secrets prevent a single compromised token from accessing all repository secrets. Public preview in 3-6 months.<\/li>\n<li><strong>Egress firewall for hosted runners:<\/strong>\u00a0Layer 7 network monitoring and enforcement for GitHub-hosted runners, restricting which external domains workflows can reach. This would have blocked the exfiltration to\u00a0<code>scan.aquasecurtiy[.]org<\/code>\u00a0and\u00a0<code>models.litellm.cloud<\/code>. 
Public preview in 6-9 months.<\/li>\n<\/ul>\n<p>Analysts assess these controls represent the most substantive platform-level response to the GitHub Actions supply chain attack vector to date. However, the 3-9 month rollout timeline means organizations remain exposed to tag-rewriting and credential theft TTPs in the interim. Pinning actions to full commit SHAs remains the primary defensive measure until dependency locking reaches GA.<\/p>\n<h2 id=\"additional-intelligence\">Additional Intelligence<\/h2>\n<p><strong>Kaspersky publishes independent verification:<\/strong>\u00a0<a href=\"https:\/\/www.kaspersky.com\/blog\/critical-supply-chain-attack-trivy-litellm-checkmarx-teampcp\/55510\/\">Kaspersky<\/a>\u00a0published their own technical advisory characterizing this as a unified &#8220;trojanization&#8221; campaign, independently verifying the attack chain and broadening awareness to their enterprise customer base.<\/p>\n<p><strong>GitGuardian draws &#8220;Shai Hulud&#8221; parallel:<\/strong>\u00a0<a href=\"https:\/\/blog.gitguardian.com\/trivys-march-supply-chain-attack-shows-where-secret-exposure-hurts-most\/\">GitGuardian<\/a>\u00a0frames the campaign alongside the &#8220;Shai Hulud&#8221; attack pattern &#8212; both targeting CI\/CD pipelines to harvest secrets rather than attacking applications directly. Their analysis emphasizes that Aqua Security&#8217;s non-atomic credential rotation was the root cause enabling the second compromise wave (Docker Hub images v0.69.5 and v0.69.6 on March 22).<\/p>\n<h2 id=\"corrections-to-update-001\">Corrections to Update 001<\/h2>\n<p><strong>Aqua Security &#8220;additional findings&#8221; deadline:<\/strong>\u00a0Update 001 stated &#8220;Aqua Security promised additional findings by end of day March 26&#8221; as a watch item. This was incorrect. 
On March 23, 2026, Aqua Security&#8217;s blog stated they would &#8220;provide a further update, including additional findings, tomorrow end of day&#8221; &#8212; meaning end of day\u00a0<strong>March 24<\/strong>, not March 26. Aqua published their comprehensive incident report,\u00a0<a href=\"https:\/\/www.aquasec.com\/blog\/autonomous-runtime-security-turning-runtime-intelligence-into-agentic-response-2\/\">&#8220;Trivy Supply Chain Attack: What Happened and What You Need to Know&#8221;<\/a>, on March 24 at 23:00 UTC,\u00a0<strong>meeting their stated deadline<\/strong>. The report covers the full attack timeline, root cause (non-atomic credential rotation after the March 1 incident), and remediation details. This is no longer a watch item.<\/p>\n<p><strong>CISA KEV remediation deadline:<\/strong>\u00a0Also corrected in this update&#8217;s MEDIUM finding above &#8212; April 8, not April 3 as originally reported in Update 001.<\/p>\n<h2 id=\"watch-items\">Watch Items<\/h2>\n<ul>\n<li>Vect ransomware affiliate key distribution and first deployments linked to TeamPCP credentials<\/li>\n<li>Additional PyPI packages compromised via stolen credentials (telnyx confirms the pattern)<\/li>\n<li>AstraZeneca confirmation or denial of the LAPSUS$ breach claim<\/li>\n<li>Mandiant formal attribution report (BerriAI engagement announced, report pending)<\/li>\n<li>CISA standalone advisory or emergency directive (KEV entries issued, no dedicated advisory yet)<\/li>\n<li>Expansion to RubyGems,\u00a0<a href=\"http:\/\/crates.io\/\">crates.io<\/a>, or Maven Central (Endor Labs prediction, not yet confirmed)<\/li>\n<li>LiteLLM\/BerriAI forensics completion and release resumption<\/li>\n<\/ul>\n<p>The full campaign report is available at\u00a0<a href=\"https:\/\/www.sans.org\/white-papers\/when-security-scanner-became-weapon\">sans.org\/white-papers\/when-security-scanner-became-weapon<\/a>. 
A SANS Emergency Webcast replay is available at\u00a0<a href=\"https:\/\/www.sans.org\/webcasts\/when-security-scanner-became-weapon\">sans.org\/webcasts\/when-security-scanner-became-weapon<\/a>. Updates to the report will be in the form of these ISC diaries.<\/p>\n<p> (c) SANS Internet Storm Center. https:\/\/isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.<\/p><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[90],"tags":[91],"class_list":["post-2171","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"]}