Pulse: Supply chain compromise spreads from Trivy to Checkmarx GitHub Actions
TLP:WHITE | Adversary: TeamPCP | Author: AlienVault | Created: 2026-03-24 | Modified: 2026-03-24 | 3 IOCs (low volume)
A threat actor tracked as TeamPCP extended its supply chain attack from Aqua Security's Trivy GitHub Action to Checkmarx's AST GitHub Action. The campaign, which began on March 19, 2026, injected a credential-stealing payload into CI/CD pipelines across thousands of repositories. The malicious code harvested secrets from runner memory, queried cloud instance metadata services, and exfiltrated the collected data, encrypted, to typosquat domains. The Checkmarx compromise followed roughly four days after the initial Trivy incident and used identical techniques against a different action. The cascade shows how one compromised action yields credentials that are then used to compromise further dependencies. Runtime detection identified the attack pattern in both waves, because the runner-side behavior (secret harvesting, metadata queries, outbound exfiltration) stayed the same even though the delivery mechanism changed.
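Two checks a CI owner would want after reading this pulse, written here as an added example (not code from the pulse, from TeamPCP's payload, or from any runtime-detection vendor): match queried hostnames in DNS logs against the pulse's IOC domains, treating any subdomain of an IOC domain as a hit; and flag workflow `uses:` lines that reference the affected actions by a mutable tag or branch instead of a full commit SHA, since a tag can be moved to a different commit without the workflow file changing. The action slugs `aquasecurity/trivy-action` and `checkmarx/ast-github-action`, the dnsmasq-style log format, and the sample log lines and workflow are assumptions constructed for the example.

```python
import re
from typing import List, Optional, Tuple

# IOC domains taken from the pulse. The hostname scan.aquasecurtiy.org is covered
# by its parent domain through the subdomain match below.
IOC_DOMAINS = {"aquasecurtiy.org", "checkmarx.zone"}

# Assumed marketplace slugs for the two affected actions; not stated in the pulse.
WATCHED_ACTIONS = {"aquasecurity/trivy-action", "checkmarx/ast-github-action"}

# A full 40-hex commit SHA is the only immutable ref for a GitHub Action.
FULL_SHA = re.compile(r"^[0-9a-f]{40}$")

# Captures "owner/repo" (ignoring an optional subpath) and the ref after "@".
USES_RE = re.compile(r"uses:\s*([A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+)(?:/[^@\s]*)?@(\S+)")


def hostname_matches_ioc(hostname: str) -> Optional[str]:
    """Return the IOC domain that `hostname` equals or is a subdomain of, else None."""
    h = hostname.lower().rstrip(".")
    for dom in IOC_DOMAINS:
        if h == dom or h.endswith("." + dom):
            return dom
    return None


def scan_dns_log(lines: List[str]) -> List[Tuple[int, str, str]]:
    """Return (line_no, queried_name, ioc_domain) for every log line hitting an IOC.

    Assumes dnsmasq-style lines containing 'query[A] <name>'; other resolvers
    need a different extraction regex.
    """
    hits = []
    for n, line in enumerate(lines, 1):
        m = re.search(r"query\[A\]\s+(\S+)", line)
        if not m:
            continue
        ioc = hostname_matches_ioc(m.group(1))
        if ioc:
            hits.append((n, m.group(1), ioc))
    return hits


def unpinned_uses(workflow_text: str) -> List[Tuple[str, str]]:
    """Return (action, ref) for watched actions whose ref is not a full commit SHA."""
    findings = []
    for m in USES_RE.finditer(workflow_text):
        action, ref = m.group(1), m.group(2)
        if action.lower() in WATCHED_ACTIONS and not FULL_SHA.match(ref):
            findings.append((action, ref))
    return findings


# Constructed sample input: four resolver log lines from a runner, two of which
# resolve names under the pulse's IOC domains.
SAMPLE_DNS_LOG = [
    "Mar 24 10:01:02 runner dnsmasq[123]: query[A] api.github.com from 10.0.0.5",
    "Mar 24 10:01:03 runner dnsmasq[123]: query[A] scan.aquasecurtiy.org from 10.0.0.5",
    "Mar 24 10:01:04 runner dnsmasq[123]: query[A] checkmarx.zone from 10.0.0.5",
    "Mar 24 10:01:05 runner dnsmasq[123]: query[A] checkmarx.com from 10.0.0.5",
]

# Constructed sample workflow: one unrelated action, two watched actions pinned
# to a branch/tag, and one watched action pinned to a full SHA.
SAMPLE_WORKFLOW = """\
steps:
  - uses: actions/checkout@v4
  - uses: aquasecurity/trivy-action@master
  - uses: checkmarx/ast-github-action@2.0.0
  - uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567
"""

if __name__ == "__main__":
    for n, name, ioc in scan_dns_log(SAMPLE_DNS_LOG):
        print(f"DNS line {n}: {name} matches IOC {ioc}")
    for action, ref in unpinned_uses(SAMPLE_WORKFLOW):
        print(f"unpinned: {action}@{ref}")
```

The subdomain match is deliberate: a blocklist that only compares full hostnames would miss `scan.aquasecurtiy.org` unless that exact name were listed, and a typosquat operator can mint new subdomains at will. The pinning check is a hygiene control rather than a direct detection; pair it with the runtime behavioral detection the pulse credits, since a SHA-pinned action can still be malicious if the pinned commit itself was compromised.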
MITRE ATT&CK & Malware Families
ATT&CK techniques: none listed in this pulse
Malware families: TeamPCP Cloud stealer
Indicators of Compromise (3)
TYPE       INDICATOR               CREATED
domain     aquasecurtiy.org        2026-03-24
domain     checkmarx.zone          2026-03-24
hostname   scan.aquasecurtiy.org   2026-03-24