TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

By rooter

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack.
The workflows, both maintained by the supply chain security company Checkmarx, are listed below –

checkmarx/ast-github-action
checkmarx/kics-github-action

Cloud security

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Microsoft Proposes Better Identity, Guardrails for AI Agents

rooter
Cyber Security

Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

rooter
Cyber Security

5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents

rooter

Leave a Reply

You Missed

News

Updates From ‘The Mandalorian and Grogu’, and More

News

Citrix NetScaler critical flaw could leak data, update now

News

Anthropic’s Claude Code and Cowork can control your computer

News

Instagram crypto scams are getting smarter and more expensive