TI Mindmap HUB
Threat Intelligence Report

TeamPCP expands: Supply chain compromise spreads from Trivy to Checkmarx GitHub Actions | Sysdig

📅 March 27, 2026 📰 webflow.sysdig.com 🔍 0 CVE(s) referenced

The TeamPCP threat actor escalated their supply chain attack by leveraging stolen credentials from a compromised Trivy GitHub Action to poison Checkmarx’s GitHub Action, enabling widespread credential theft and data exfiltration across CI/CD pipelines through stealthy, behaviorally identical payloads.

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle