TeamPCP expands: Supply chain compromise spreads from Trivy to Checkmarx GitHub Actions
ID: ef164559-d4ca-5b65-965e-cda0b3ac80ac
STIX ID: report--ef164559-d4ca-5b65-965e-cda0b3ac80ac
Feed Name: Sysdig Blog
The Sysdig Threat Research Team observed TeamPCP compromise the aquasecurity/trivy-action and subsequently the Checkmarx/ast-github-action, deploying an identical credential stealer that scraped CI runner memory and the cloud instance metadata service (IMDS), packaged the harvested secrets into an AES-256+RSA-4096 encrypted archive named tpcp.tar.gz, and exfiltrated them to typosquatted vendor domains (scan.aquasecurtiy.org and checkmarx.zone). The harvested tokens enabled cascading poisoning of additional GitHub Actions; the attack bypassed static and reputation-based controls but was detected by runtime behavioral rules (Falco/Sysdig Secure). The report includes IOCs and remediation steps such as secret rotation, SHA pinning of actions, and enabling runtime detection.
