Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack.
The workflows, both maintained by the supply chain security company Checkmarx, are listed below -

checkmarx/ast-github-action
checkmarx/kics-github-action

Cloud security



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html