Ransomware attackers are now targeting victims of the TeamPCP supply chain compromise, layering extortion demands on top of an already serious breach — though security researchers are cautioning victims not to pay, as the decryptor may not work.