TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8660

@thehackernews

The Hacker News

Views9,710Post view count
PostedMar 2403/24/2026, 09:38 AM
Post content

Post content

🚨 TeamPCP expanded its supply chain attack to Checkmarx GitHub Actions, deploying the same CI credential stealer used in the Trivy breach. Stolen tokens are reused to push malicious commits into other repos, enabling a cascading compromise across CI workflows. 🔗 Read → https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html