PCP A.I CyberSecurity Scoring
PCP
Company Information
Website:http://PacificCoastProducers.com
Employees number:539
Number of followers:5,010
NAICS:311
Industry Type:Food and Beverage Manufacturing
Homepage:PacificCoastProducers.com
PCP Risk Score (AI oriented)
Between 700 and 749
PCPFood and Beverage Manufacturing
Updated:
13/03/2026
13/03/2026
730/1000
Moderate
Ba
PCP Global Score (TPRM)
xxxx
PCPFood and Beverage Manufacturing
Score locked

PCPModerate
Current Score
730Ba (MODERATE)
01000
1 incidents
-22 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
733
JUNE 2026
733
MAY 2026
732
APRIL 2026
731
MARCH 2026
730
FEBRUARY 2026
729
JANUARY 2026
729
DECEMBER 2025
750
Cyber Attack
25 Dec 2025 • PCP
Microsoft Azure and TeamPCP: TeamPCP Turns Cloud Misconfigurations Into Scalable Cybercrime Engine
TeamPCP Large-Scale Cloud Exploitation Campaign Targeting Misconfigured Infrastructure
728
CRITICAL-22
MICPAC1770804753
TeamPCP Launches Large-Scale Cloud Exploitation Campaign Targeting Misconfigured Infrastructure
A threat group tracked as TeamPCP (also known as PCPcat, ShellForce, and DeadCatx3) has orchestrated a widespread cloud exploitation campaign, converting vulnerable cloud infrastructure into a self-propagating cybercrime platform. Active since late 2025, the group focuses on exposed cloud control planes rather than traditional endpoint malware, leveraging weak configurations and publicly accessible management interfaces for initial access.
The campaign peaked around December 25, 2025, with hundreds of compromised servers running attacker-controlled containers. Researchers identified at least 185 confirmed Docker compromises in one phase, though the true scale is likely far larger. Targets include exposed Docker APIs, Kubernetes clusters, Ray dashboards, Redis servers, and applications vulnerable to React2Shell (CVE-2025-29927).
### Automated Worm-Like Propagation
At the core of the operation is proxy.sh, a script that deploys tunneling tools (FRPS, gost), scanners, and persistence mechanisms. If running inside Kubernetes, it executes kube.py, which enumerates cluster resources, harvests credentials, and spreads laterally via privileged DaemonSets that mount host filesystems. Another module, react.py, exploits React2Shell vulnerabilities in Next.js applications, extracting environment variables, cloud credentials, SSH keys, and Git tokens before exfiltrating data to attacker-controlled servers.
A high-volume scanner, pcpcat.py, pulls CIDR ranges from public cloud providers and automatically deploys malicious containers on exposed Docker and Ray APIs, creating a worm-like feedback loop where each infected system becomes a new propagation node.
### Hybrid Monetization: Mining, Proxies, and Data Theft
TeamPCP repurposes compromised servers for multiple revenue streams:
- Cryptomining (XMRig, often obfuscated with double base64 encoding)
- Proxy and tunneling infrastructure
- C2 relays and internet scanning platforms
- Data theft staging servers
While mining revenue appears modest, the group has leaked sensitive data, including 2.3 million job applicant records from a recruitment platform, containing names, birthdates, employment histories, and contact details.
### Cloud-First Targeting Strategy
Most compromised infrastructure is hosted on public cloud providers, with Azure accounting for 61% of observed victims and AWS 36%. The campaign demonstrates the industrialization of known weaknesses abusing exposed Docker, Kubernetes, and Redis services rather than relying on novel exploits.
Defensive measures against such attacks include restricting public access to management APIs, enforcing authentication, preventing privileged containers, and monitoring for unauthorized DaemonSets and job submissions.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
750
OCTOBER 2025
750
SEPTEMBER 2025
750
AUGUST 2025
750
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for PCP ??
What was PCP's A.I Rankiteo Cyber Score in June 2026 ??
What was PCP's A.I Rankiteo Cyber Score in May 2026 ??
What was PCP's A.I Rankiteo Cyber Score in April 2026 ??
What was PCP's A.I Rankiteo Cyber Score in March 2026 ??
What was PCP's A.I Rankiteo Cyber Score in February 2026 ??
What was PCP's A.I Rankiteo Cyber Score in January 2026 ??
What was PCP's A.I Rankiteo Cyber Score in December 2025 ??
What was PCP's A.I Rankiteo Cyber Score in November 2025 ??
What was PCP's A.I Rankiteo Cyber Score in October 2025 ??
What was PCP's A.I Rankiteo Cyber Score in September 2025 ??
What was PCP's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on PCP's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with PCP ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view PCP's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?