The TeamPCP supply chain campaign has resumed operations following a 26-day hiatus, launching coordinated attacks against critical developer infrastructure. Three concurrent compromises have been confirmed affecting Checkmarx KICS, Bitwarden CLI, and xinference on PyPI, while researchers have identified CanisterSprawl, a new npm-based worm spreading through package repositories.