TeamPCP Hacking Group Expands Supply-Chain Attack on Aqua Security

The TeamPCP hacking group extended its supply-chain attack targeting Aqua Security by distributing malicious Docker images and compromising the company’s GitHub organization to alter dozens of repositories. The attack, initially involving the Trivy security scanner, now impacts Docker and GitHub environments linked to Aqua Security. No specific dates, CVE IDs, or technical details about the malicious payloads were disclosed. The hijacking of GitHub repositories suggests unauthorized access to modify or inject code into Aqua Security’s projects. The incident reflects an ongoing campaign to exploit supply-chain dependencies in security tooling.