Supply Chain | Mar 24, 2026
Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit
TeamPCP threat actor targets Checkmarx KICS, Trivy, VS Code plugins, and LiteLLM in widening supply chain campaign.
Summary
TeamPCP, an identified cyber threat actor, has launched coordinated attacks against multiple widely used open-source and commercial security tools, including Checkmarx's KICS code scanner, the Trivy vulnerability scanner, VS Code plugins, and the LiteLLM AI library. The campaign suggests deliberate targeting of developer infrastructure and tools used across the software development lifecycle. Security researchers assess that additional attacks are likely as the threat actor continues probing the supply chain ecosystem.
Indicators of Compromise
- malware — TeamPCP
- malware — KICS
- malware — Trivy
- malware — LiteLLM