TeamPCP Supply Chain Attack and the Rise of Voice Phishing [Prime Cyber Insights]

[00:00] Announcer: From Neural Newscast, this is Prime Cyber Insights, [00:03] Announcer: Intelligence for Defenders, Leaders, and Decision Makers. [00:11] Aaron Cole: Welcome to Prime Cyber Insights for March 24th, 2026. I'm Aaron Cole. [00:17] Aaron Cole: Aaron, we're tracking a significant escalation in supply chain risk this morning. [00:21] Aaron Cole: Today, Ars Technica detailed a campaign by a group known as Team PCP. [00:26] Aaron Cole: They've successfully poisoned the Trivi Vulnerability Scanner along with over two dozen NPM packages [00:32] Aaron Cole: using a self-propagating worm dubbed Canister Worm. [00:36] Aaron Cole: What makes this particularly aggressive is the automation. [00:39] Aaron Cole: It targets CI CD pipelines to steal NPM tokens and then automatically leases any package those tokens can access with malicious code. [00:48] Aaron Cole: It effectively turns the developer's own infrastructure against the entire ecosystem. [00:53] Lauren Mitchell: It creates a viral loop that is incredibly difficult to prune, Lauren. [00:58] Lauren Mitchell: The speed of the automation is what practitioners need to note. [01:01] Lauren Mitchell: Researchers at Aikido observed the worm hitting 28 packages in under 60 seconds. [01:07] Lauren Mitchell: Curiously, the group added a wiper component called kamikaze that only triggers if the infected machine is in the Iranian time zone or configured for that locale. [01:17] Lauren Mitchell: While Team PCP has traditionally focused on financial gain, this shift toward targeted [01:23] Lauren Mitchell: destruction suggests they may be seeking higher visibility or perhaps transitioning into a state-aligned [01:29] Lauren Mitchell: role. [01:30] Aaron Cole: It's a clear reminder that containment is only as good as the cleanup. [01:33] Aaron Cole: Aqua Security attempted to rotate credentials after an initial breach in February, but be [01:38] Aaron Cole: But because that rotation was incomplete, it left the door open for this latest wave. [01:43] Aaron Cole: Shifting from the actors to the legal fallout, 26-year-old Russian national Alexei Volkov [01:49] Aaron Cole: was sentenced today to 81 months in prison. [01:52] Aaron Cole: Volkov operated as a high-level initial access broker or IAB, facilitating dozens of ransomware [01:58] Aaron Cole: attacks for prominent crews like Jan Luawang. [02:01] Aaron Cole: The United States Department of Justice reports that his work led to at least $9 million in actual losses. [02:08] Lauren Mitchell: The legal net is definitely widening, Lauren. [02:10] Lauren Mitchell: We're also seeing the first major consequences for the specialized infrastructure that surrounds these attacks. [02:16] Lauren Mitchell: Prosecutors have now charged Angelo Martino, a negotiator for digital mint, [02:22] Lauren Mitchell: for allegedly assisting the Black Cat gang and extorting higher payouts from victims. [02:26] Lauren Mitchell: It signals a strategic pivot for the DOJ. [02:29] Lauren Mitchell: They are moving beyond just the malware authors to target the entire ecosystem of brokers and negotiators [02:36] Lauren Mitchell: who make the ransomware business model viable and profitable. [02:39] Aaron Cole: Speaking of that business model, Google's Mandiant released its annual Mtrends report this week, [02:45] Aaron Cole: and the data on initial access shows a major shift. [02:48] Aaron Cole: Voice phishing, or vishing, is now the number two method for gaining access overall and is the top tactic for breaking into cloud environments. [02:57] Aaron Cole: Attackers are simply calling corporate helpdesks to register their own devices for MFA or to request password resets. [03:05] Aaron Cole: It's a low-tech approach, but the success rate in cloud-heavy organizations is forcing a fundamental rethink of helpdesk verification protocols. [03:15] Lauren Mitchell: The report also highlights what Mandiant calls living on the edge. [03:19] Lauren Mitchell: Espionage groups, specifically a Chinese-linked cluster tracked as UNC6201, [03:26] Lauren Mitchell: are aggressively compromising edge devices like firewalls and routers [03:30] Lauren Mitchell: where endpoint security rarely reaches. [03:33] Lauren Mitchell: They are deploying back doors like BrickStorm and sitting undetected for an average of 393 days. [03:40] Lauren Mitchell: When you combine that with the fact that some ransomware handoffs now happen in under 30 seconds, [03:47] Lauren Mitchell: the defensive window is either non-existent or massive, [03:51] Lauren Mitchell: with almost no middle ground for IT teams to find. [03:55] Aaron Cole: The takeaway for practitioners is clear. [03:57] Aaron Cole: Identity and edge infrastructure are the primary battlegrounds in 2026. [04:03] Aaron Cole: Whether it's the automated supply chain poisoning of Team PCP or the human-centric vishing identified by Mandiant, [04:10] Aaron Cole: the common thread is the exploitation of trusted paths. [04:14] Aaron Cole: Organizations must prioritize a comprehensive audit of their CICD tokens and strictly validate all helpdesk identity requests. [04:24] Aaron Cole: As a reminder, this podcast is for informational purposes and does not constitute professional security advice. [04:31] Lauren Mitchell: That's the briefing for today. For more technical deep dives and full transcripts, visit pci.neuralnewscast.com. [04:39] Lauren Mitchell: Neural Newscast is AI-assisted, human-reviewed. View our AI transparency policy at neuralnewscast.com. [04:47] Lauren Mitchell: I'm Aaron Cole. [04:48] Aaron Cole: And I'm Lauren Mitchell. We'll see you in the briefing room tomorrow. [04:52] Aaron Cole: Neural Newscast is AI-assisted, human-reviewed. [04:56] Aaron Cole: View our AI transparency policy at neuralnewscast.com. [04:59] Announcer: This has been Prime Cyber Insights on Neural Newscast. [05:03] Announcer: Intelligence for defenders, leaders, and decision makers.