A software supply-chain attack that began with a compromised security scanner is now being tracked as a broader business risk for cloud and software vendors.
In its latest update on the TeamPCP campaign, SANS Internet Storm Center said the pace of new package compromises has slowed, but the operation appears to have shifted into monetization, including an alleged Databricks compromise under investigation, a parallel ransomware track tied to a TeamPCP-run operation called CipherForce, and the reported public release of data claimed to be from AstraZeneca after a failed sale attempt.
SANS said Databricks had not issued an official statement as of the update, and AstraZeneca also had not publicly confirmed or denied the claim.
What troubles security professionals is that the blast radius is no longer limited to the original software supply-chain phase. SANS traced the campaign back to the compromise of Aqua Security’s Trivy scanner, which it said cascaded across multiple ecosystems.
OwnCloud, one of the first downstream organizations to disclose impact publicly, said that its build infrastructure was affected, that no customer data or source code was compromised, and that builds created after March 19 should be treated as potentially compromised. The company temporarily suspended its ability to ship new builds and patches while it contained the incident, according to the SANS Institute.
The business takeaway is less about one brand name than about exposure in CI/CD pipelines and trusted tooling. CISA has already added CVE-2026-33634 to its Known Exploited Vulnerabilities catalog, and SANS said the federal remediation deadline is April 8. That raises the pressure on vendors and service providers to rotate credentials, review build artifacts and disclose downstream impact quickly if they were in the path of the compromised scanner.