The Hacker News
@thehackernews
�� TeamPCP expanded its supply chain attack to Checkmarx GitHub Actions, deploying the same CI credential stealer used in the Trivy breach.
Stolen tokens are reused to push malicious commits into other repos, enabling a cascading compromise across CI workflows.
�� Read → https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html
Stolen tokens are reused to push malicious commits into other repos, enabling a cascading compromise across CI workflows.
�� Read → https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html
🔥 10
👍 4
⚡ 2
26 9K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram