TeamPCP is an active threat actor weaponizing trusted DevSecOps security scanning tools to gain initial access into CI/CD pipelines, with confirmed AstraZeneca data exfiltration and public release, and an alleged Databricks compromise under investigation as of March 25, 2026. The campaign combines data exfiltration with dual ransomware deployment, meaning backup-only recovery strategies are insufficient against the data exposure component. Source quality for this item is rated 0.56 based on predominantly Tier 3 sources; organizations should verify findings against primary threat intelligence feeds, but the supply chain attack pattern and confirmed confirmed victim data make this a credible and high-priority threat for any organization running third-party security tooling in CI/CD pipelines.