Investigating Two Variants of the Trivy Supply-Chain Compromise
In March 2026, the TeamPCP threat actor compromised the open-source vulnerability scanner Trivy, deploying credential-harvesting malware through both a compromised GitHub Action and a modified container image. The supply-chain attack distributed malicious payloads across several platforms, including Docker Hub and npm packages, over a period of nearly a month. The campaign used two distinct attack vectors: in one variant, malicious code was inserted into the `entrypoint.sh` of the GitHub Action; in the other, the ELF binary inside the Trivy container image was modified.
Indicators of Compromise (2 / 14 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED |
|---|---|---|---|
| CVE | CVE-2025-53521 | — | 2026-04-02 |
| CVE | CVE-2026-1731 | — | 2026-04-02 |