Ethical Hacking News
TeamPCP's latest supply chain attack highlights the importance of vigilance in protecting against sophisticated cyber threats. The attackers compromised two GitHub Actions workflows and used stolen credentials to steal sensitive information.
The world of cybersecurity is constantly evolving, and the recent supply chain attack by TeamPCP highlights just how critical it is for organizations to stay vigilant in protecting their systems from malicious actors. A new threat actor, known as TeamPCP, has been making waves in the security community with its sophisticated attacks on cloud-native platforms. In this article, we will delve into the details of the latest attack by TeamPCP and explore what makes it so concerning.
According to recent reports, two GitHub Actions maintained by Checkmarx have become the latest targets of TeamPCP's credential-stealing malware operation. The affected actions, both maintained by the supply chain security company Checkmarx, are:
checkmarx/ast-github-action
checkmarx/kics-github-action
Both contain a credential stealer identical to the one used in TeamPCP's earlier operations.
Cloud security company Sysdig said it observed a credential stealer identical to the one used in TeamPCP's operations targeting Aqua Security's Trivy vulnerability scanner and its associated GitHub Actions. The Trivy supply chain compromise is being tracked under the CVE identifier CVE-2026-33634 (CVSS score: 9.4).
The stealer, referred to as "TeamPCP Cloud stealer," is designed to steal credentials and secrets related to SSH keys, Git, Amazon Web Services (AWS), Google Cloud, Microsoft Azure, Kubernetes, Docker, .env files, databases, and VPNs, along with CI/CD configurations, data from cryptocurrency wallets, and Slack and Discord webhook URLs.
Like in the case of Trivy, the threat actors have been found to force-push tags to malicious commits containing the stealer payload ("setup.sh"). The stolen data is exfiltrated to the domain "checkmarx[.]zone" (IP address: 83.142.209[.]11:443) in the form of an encrypted archive ("tpcp.tar.gz").
The new version creates a "docs-tpcp" repository using the victim's GITHUB_TOKEN to stage the stolen data as a backup method if the exfiltration to the server fails. In the Trivy incident, the threat actors used the repository name "tpcp-docs" instead.
"The use of vendor-specific typosquat domains for each poisoned action is a deliberate deception technique," Sysdig said. "An analyst reviewing CI/CD logs would see curl traffic to what appears to be the action's own vendor domain, reducing the likelihood of manual detection."
Because the stealer's primary function is to harvest credentials from CI runner memory, the operators can extract GitHub personal access tokens (PATs) and other secrets whenever a compromised Trivy action executes in a workflow. To make matters worse, if those tokens have write access to repositories that also use Checkmarx actions, the attacker can weaponize them to push malicious code.
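Because the attack works by force-pushing existing tags to malicious commits, a workflow that references an action by tag silently picks up the poisoned commit, while one pinned to a full commit SHA does not. The audit script below is an added example written for this page (not code from Checkmarx, Sysdig or TeamPCP): it scans a workflow file's `uses:` references and flags the ones that resolve through a mutable tag or branch, treating the actions named on the page as the high-priority set; the `aquasecurity/trivy-action` path and the sample workflow are constructed assumptions.

```python
import re

# Actions the page names as poisoned via force-pushed tags. The trivy-action
# path is an assumption (the page only says "Trivy ... GitHub Actions").
WATCHED_ACTIONS = {
    "checkmarx/ast-github-action",
    "checkmarx/kics-github-action",
    "aquasecurity/trivy-action",
}

# Matches `uses: owner/repo[/subpath]@ref`; local (./) and docker:// uses
# do not have the owner/repo@ref shape and are ignored.
USES_RE = re.compile(
    r"uses:\s*['\"]?([A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+)(?:/[^@\s'\"]+)?@([^\s'\"#]+)"
)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
TAG_RE = re.compile(r"^v?\d+(\.\d+)*$")

def classify_ref(ref):
    """'sha' is immutable; 'tag' and 'branch' can be force-pushed to new commits."""
    if SHA_RE.match(ref):
        return "sha"
    if TAG_RE.match(ref):
        return "tag"
    return "branch"

def audit_workflow(yaml_text):
    """Return [(action, ref, kind)] for every third-party `uses:` in the workflow."""
    return [(a, r, classify_ref(r)) for a, r in USES_RE.findall(yaml_text)]

def high_risk(yaml_text):
    """Watched actions pulled through a mutable ref: the exact exposure the
    force-pushed-tag technique relies on."""
    return [(a, r) for a, r, kind in audit_workflow(yaml_text)
            if kind != "sha" and a in WATCHED_ACTIONS]

# Constructed sample workflow, not taken from any real repository.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Checkmarx AST scan
        uses: checkmarx/ast-github-action@2.0.0
      - name: KICS scan (pinned to a full commit SHA)
        uses: checkmarx/kics-github-action@0123456789abcdef0123456789abcdef01234567
      - name: Trivy
        uses: aquasecurity/trivy-action@master
"""
```

Pinning to a 40-character commit SHA is the fix the audit points at; a tag such as `2.0.0` looks fixed but is only a movable pointer on the action's repository.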
Related Information:
https://www.ethicalhackingnews.com/articles/TeamPCPs-Latest-Supply-Chain-Attack-Exploiting-GitHub-Actions-to-Steal-Credentials-ehn.shtml
https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html
https://www.sysdig.com/blog/teampcp-expands-supply-chain-compromise-spreads-from-trivy-to-checkmarx-github-actions
Published: Tue Mar 24 06:46:37 2026 by llama3.2 3B Q4_K_M