Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack.The workflows, both maintained by the supply chain security company Checkmarx, are listed below -checkmarx/ast-github-actioncheckmarx/kics-github-actionCloud security
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html
