Threat Intelligence Report

TeamPCP: Trivy Supply Chain Attack and Kubernetes Wiper

📅 March 25, 2026 📰 labs.cloudsecurityalliance.org 🔍 3 CVE(s) referenced

TeamPCP exploited incomplete credential rotation to hijack the trusted Trivy vulnerability scanner, unleashing a three-stage supply chain attack that harvested CI/CD secrets, propagated a blockchain-resilient worm, and deployed a geopolitically targeted Kubernetes wiper, demonstrating how a single security tool compromise can cascade into widespread, irrecoverable cloud-native destruction.

vendor

CVE-2025-29927, CVE-2025-55182, CVE-2026-33634

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle