{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/ci/cd/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":["TeamPCP"],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["supply-chain","ci/cd","infostealer"],"_cs_type":"threat","_cs_vendors":[],"content_html":"\u003cp\u003eTeamPCP is conducting a supply chain attack targeting multiple companies through the compromise of their CI/CD pipelines and GitHub accounts. The attack involves an infostealer designed to harvest sensitive information such as credentials from CI environments, contents of .env files, and cloud tokens. The compromised credentials allowed the attackers to gain unauthorized access and potentially inject malicious code into the software development lifecycle. The attack has impacted projects including Trivy, KICS, and LiteLLM, suggesting a broad targeting scope within the software development and cloud security sectors. This type of attack poses a significant risk to the integrity and security of the software supply chain, as compromised code can be distributed to numerous downstream users.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eInitial compromise of a developer\u0026rsquo;s machine or CI/CD environment via an unspecified initial access vector.\u003c/li\u003e\n\u003cli\u003eDeployment of an infostealer binary onto the compromised system.\u003c/li\u003e\n\u003cli\u003eThe infostealer scans the local file system for .env files containing sensitive credentials.\u003c/li\u003e\n\u003cli\u003eThe infostealer targets CI/CD environment variables to extract API keys, tokens, and other secrets.\u003c/li\u003e\n\u003cli\u003eThe infostealer searches for cloud tokens, potentially targeting AWS credentials, Azure service principals, or GCP service account keys.\u003c/li\u003e\n\u003cli\u003eExtracted credentials are used to gain unauthorized access to GitHub accounts and CI/CD pipelines.\u003c/li\u003e\n\u003cli\u003eAttackers inject malicious code or dependencies into the targeted projects, potentially leading to supply chain contamination.\u003c/li\u003e\n\u003cli\u003eCompromised code is distributed to downstream users of Trivy, KICS, LiteLLM, and other impacted projects.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe TeamPCP supply chain attack has impacted multiple companies and projects, including Trivy, KICS, and LiteLLM. The compromise of CI/CD pipelines and GitHub accounts allows attackers to inject malicious code into software projects, potentially affecting thousands of users. This can lead to data breaches, malware infections, and erosion of trust in the affected software. The exact number of victims is unknown, but the impact is significant due to the widespread use of the compromised projects in the cloud security and development sectors.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement multi-factor authentication (MFA) on all GitHub accounts and CI/CD pipelines to prevent unauthorized access.\u003c/li\u003e\n\u003cli\u003eRotate API keys and tokens regularly, especially those used in CI/CD environments, to minimize the impact of credential theft.\u003c/li\u003e\n\u003cli\u003eImplement secrets scanning in CI/CD pipelines to prevent accidental exposure of sensitive information in code repositories.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Infostealer Activity in CI/CD Environments\u0026rdquo; to identify suspicious processes accessing environment variables.\u003c/li\u003e\n\u003cli\u003eMonitor file system access for unusual reads of .env files, using the \u0026ldquo;Detect .env File Access\u0026rdquo; Sigma rule.\u003c/li\u003e\n\u003cli\u003eImplement network monitoring to detect anomalous connections originating from CI/CD servers or developer workstations.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-26T12:00:00Z","date_published":"2026-03-26T12:00:00Z","id":"/briefs/2026-03-teampcp-supply-chain/","summary":"TeamPCP compromised CI/CD pipelines and GitHub accounts of multiple companies by deploying an infostealer to extract credentials from CI environments, .env files, and cloud tokens, impacting projects like Trivy, KICS, and LiteLLM.","title":"TeamPCP Supply Chain Attack via CI/CD Compromise","url":"https://feed.craftedsignal.io/briefs/2026-03-teampcp-supply-chain/"},{"_cs_actors":["TeamPCP"],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["supply-chain","github-actions","ci/cd"],"_cs_type":"threat","_cs_vendors":[],"content_html":"\u003cp\u003eOn March 23, 2026, Wiz.io reported a supply chain attack targeting the KICS (Keeping Infrastructure Configuration Secure) GitHub Action. The threat actor, identified as TeamPCP, successfully compromised the KICS GitHub Action, potentially impacting numerous organizations utilizing the action in their CI/CD pipelines. This incident highlights the risks associated with supply chain dependencies and the potential for malicious actors to inject malicious code into widely used software components. The KICS GitHub Action is used to scan infrastructure-as-code (IaC) files for security vulnerabilities, making its compromise a significant security concern. Organizations that used the compromised version of the action may have had their secrets exfiltrated, or their infrastructure configurations altered.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003cp\u003eDue to the limited information, the attack chain below is based on a typical supply chain compromise scenario:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eTeamPCP gains unauthorized access to the KICS GitHub Action repository or its build process.\u003c/li\u003e\n\u003cli\u003eThe attacker injects malicious code into the KICS GitHub Action. This code could be designed to exfiltrate sensitive information, modify infrastructure configurations, or establish a backdoor.\u003c/li\u003e\n\u003cli\u003eA new version of the KICS GitHub Action, containing the malicious code, is released and made available on the GitHub Marketplace.\u003c/li\u003e\n\u003cli\u003eOrganizations using the KICS GitHub Action automatically update to the compromised version through their CI/CD pipelines.\u003c/li\u003e\n\u003cli\u003eThe malicious code executes within the CI/CD environments of victim organizations, potentially gaining access to environment variables, secrets, and other sensitive data.\u003c/li\u003e\n\u003cli\u003eThe malicious code exfiltrates collected data to attacker-controlled infrastructure.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the exfiltrated data to further compromise the victim\u0026rsquo;s infrastructure or gain unauthorized access to their systems.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe compromise of the KICS GitHub Action represents a significant supply chain risk. Organizations utilizing the compromised action in their CI/CD pipelines could have experienced exfiltration of sensitive data, including API keys, credentials, and infrastructure configurations. Successful exploitation could lead to unauthorized access to cloud resources, data breaches, and disruption of services. While the exact number of affected organizations remains unclear, the widespread use of KICS suggests a potentially large impact.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigate CI/CD pipeline logs for usage of the compromised KICS GitHub Action version (refer to Overview).\u003c/li\u003e\n\u003cli\u003eAudit GitHub Action dependencies in CI/CD pipelines to identify and remove any unauthorized or suspicious actions (refer to Overview).\u003c/li\u003e\n\u003cli\u003eMonitor network traffic originating from CI/CD environments for connections to unusual or malicious destinations (based on potential exfiltration in Attack Chain).\u003c/li\u003e\n\u003cli\u003eImplement stricter access controls and monitoring for GitHub Action repositories and build processes to prevent future supply chain attacks (refer to Overview).\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule detecting suspicious script execution within GitHub Action workflows to identify potential malicious activity (see rule below).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-23T19:20:57Z","date_published":"2026-03-23T19:20:57Z","id":"/briefs/2024-06-07-teampcp-kics-supply-chain/","summary":"TeamPCP conducted a supply chain attack compromising the KICS GitHub Action, impacting users who integrated the compromised version into their CI/CD pipelines.","title":"TeamPCP Compromise of KICS GitHub Action Supply Chain","url":"https://feed.craftedsignal.io/briefs/2024-06-07-teampcp-kics-supply-chain/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["supply-chain","github-actions","ci/cd","tag-hijacking"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eOn March 20, 2026, a breach was reported affecting the Trivy Security Scanner GitHub Actions. The incident involved the hijacking of 75 tags associated with the project. While the exact method of tag hijacking is not detailed, the attacker\u0026rsquo;s objective was to steal CI/CD secrets. This attack could affect any project using the compromised tags in their GitHub Actions workflows. Successful exploitation allows an attacker to gain access to sensitive credentials, API keys, and other secrets stored within the CI/CD environment, leading to potential data breaches, supply chain compromise, and unauthorized access to critical systems. Defenders should focus on detecting and preventing unauthorized modifications to GitHub Action workflows and monitoring for suspicious access to CI/CD secrets.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker compromises the GitHub repository or account with permissions to manage tags for the Trivy Security Scanner GitHub Actions.\u003c/li\u003e\n\u003cli\u003eThe attacker creates or modifies existing tags (75 in this case) to point to malicious code repositories.\u003c/li\u003e\n\u003cli\u003eUsers unknowingly include the compromised tags in their GitHub Actions workflows, triggering the malicious code during CI/CD pipeline execution.\u003c/li\u003e\n\u003cli\u003eThe malicious code executes within the user\u0026rsquo;s CI/CD environment, gaining access to environment variables and secrets.\u003c/li\u003e\n\u003cli\u003eThe attacker\u0026rsquo;s code exfiltrates the stolen CI/CD secrets to an external server controlled by the attacker.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the stolen secrets to gain unauthorized access to victim\u0026rsquo;s systems, cloud resources, or code repositories.\u003c/li\u003e\n\u003cli\u003eThe attacker may further compromise the victim\u0026rsquo;s infrastructure, inject malicious code into software builds, or steal sensitive data.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis attack has the potential to impact a wide range of organizations that rely on the Trivy Security Scanner GitHub Actions in their CI/CD pipelines. The successful theft of CI/CD secrets can lead to significant data breaches, supply chain compromise, and unauthorized access to critical infrastructure. The scope of impact depends on the number of users affected by the compromised tags and the sensitivity of the secrets stored within their CI/CD environments. The incident could result in financial losses, reputational damage, and legal liabilities for affected organizations.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReview GitHub Actions workflows for use of the compromised Trivy Security Scanner tags (reference: Overview).\u003c/li\u003e\n\u003cli\u003eImplement stricter access controls and multi-factor authentication for GitHub accounts with permissions to manage tags (reference: Attack Chain).\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule to detect suspicious script execution within GitHub Actions workflows (reference: rules).\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for unusual outbound connections originating from CI/CD environments, indicative of secret exfiltration (reference: rules).\u003c/li\u003e\n\u003cli\u003eImplement secrets scanning tools to detect exposed credentials and API keys within code repositories and CI/CD environments (reference: Attack Chain).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-21T12:00:00Z","date_published":"2026-03-21T12:00:00Z","id":"/briefs/2026-03-trivy-tag-hijacking/","summary":"Attackers hijacked 75 tags associated with the Trivy Security Scanner GitHub Actions to steal CI/CD secrets from users of the compromised tags.","title":"Trivy Security Scanner GitHub Actions Tag Hijacking for CI/CD Secret Theft","url":"https://feed.craftedsignal.io/briefs/2026-03-trivy-tag-hijacking/"}],"language":"en","title":"CraftedSignal Threat Feed — Ci/Cd","version":"https://jsonfeed.org/version/1.1"}