Storyline
TeamPCP supply chain attacks compromise Trivy and Checkmarx GitHub Actions
In March 2026, the threat actor TeamPCP executed a sophisticated supply chain attack compromising Aqua Security's Trivy vulnerability scanner and Checkmarx GitHub Actions workflows.
Evidence locked
Today's free sample is only available for the edition's flagship storyline.
Evidence preview
- Microsoft Security Blogmicrosoft.com
- CyberScoopcyberscoop.com
- The Register Securitygo.theregister.com
- The Hacker Newsthehackernews.com