
The FBI issued a FLASH alert on 2 July 2026 warning that the criminal group TeamPCP has compromised popular developer tools such as Trivy and KICS to harvest cloud credentials, according to the agency’s advisory. The advisory notes that any credentials taken in the attack should be treated as permanently compromised.
The attack follows a classic supply chain model in which malicious code is injected into legitimate software packages before developers download them. By tampering with the distribution channels of Trivy and KICS, the attackers can deliver payloads that run automatically during routine security scans or infrastructure checks.
Once executed, the malware families identified as CanisterWorm and SANDCLOCK collect API keys, SSH tokens and other secrets from the local environment and from connected cloud services. The stolen material is then exfiltrated to attacker‑controlled servers, from where it can be used to move laterally inside victim networks.
Researchers have observed active exploitation since early July 2026, with multiple reports of compromised build pipelines and unauthorised access to cloud accounts. The group is known for using the stolen credentials to propagate further malicious versions of the tools across internal repositories.
Defenders should immediately rotate any API keys or tokens that may have been exposed and enforce multi‑factor authentication on all cloud and source‑code accounts. They should also verify the integrity of third‑party tools by checking signatures or hashes before use in CI/CD pipelines.
Additional steps include enabling behavioural monitoring for unexpected credential usage, restricting network egress from build hosts and maintaining an up‑to‑date inventory of all dependencies to spot unauthorised changes quickly.
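One way to implement the integrity check recommended above in a CI job, as an added example that is not part of the FBI advisory or of the Trivy or KICS projects: the script pins a SHA-256 digest in the repository and refuses to treat a downloaded binary as runnable unless it matches. The file contents, the digest and the path names are constructed placeholders, not real release artifacts.

```shell
#!/bin/sh
# Added example: refuse to run a third-party scanner binary in CI unless its
# SHA-256 matches a digest pinned in the repository. The file and digest below
# are constructed placeholders, not real Trivy or KICS release artifacts.

# Print the SHA-256 of a file using whichever tool the CI image provides.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 if the file matches the pinned digest, 1 otherwise.
# A mismatch is logged to stderr so the CI run records what was actually seen.
verify_pinned_sha256() {
    file="$1"; expected="$2"
    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    printf 'integrity check FAILED for %s\n  expected %s\n  actual   %s\n' \
        "$file" "$expected" "$actual" >&2
    return 1
}

# Constructed demo: a "tool" whose pinned digest is the SHA-256 of "hello\n".
PINNED_SHA256=5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
WORK_DIR=$(mktemp -d)
trap 'rm -rf "$WORK_DIR"' EXIT
GOOD_TOOL="$WORK_DIR/scanner"
TAMPERED_TOOL="$WORK_DIR/scanner.tampered"
printf 'hello\n' > "$GOOD_TOOL"
# Simulate a trojanized download: same file name, one extra byte appended.
{ cat "$GOOD_TOOL"; printf 'x'; } > "$TAMPERED_TOOL"

verify_pinned_sha256 "$GOOD_TOOL" "$PINNED_SHA256" && echo "pinned digest matches: safe to run"
verify_pinned_sha256 "$TAMPERED_TOOL" "$PINNED_SHA256" || echo "refusing to run tampered binary"
```

In a real pipeline the pinned digest is committed alongside the workflow and updated only through a reviewed change, so a swapped download fails the job instead of running with the build host's credentials.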