1. TeamPCP Exploits CI/CD Pipelines: Checkmarx KICS and elementary-data Compromises Expose Credential Theft Campaign
Financially motivated threat actor TeamPCP is actively exploiting trusted software supply chain channels to harvest credentials at scale, with recent compromises of Checkmarx KICS and elementary-data projects demonstrating the campaign's reach and operational sophistication. The attack chain leverages CI/CD infrastruc...