Security Tools Turned Against Their Users

TeamPCP compromised three widely used security scanning tools—Trivy, Checkmarx, and Bitwarden—starting March 19, injecting malware into the automated build pipelines organizations rely on to catch threats. The attack inverted the defender's advantage: the very systems meant to detect breaches became vectors for intrusion. Attackers retained access for weeks after discovery. The malware included a data wiper targeting Iranian infrastructure.

Published 28 days ago

Read at another depth

Expert Beginner

Recent briefs

See all briefs →

Europe's Gas Use Falls Below 2022 Levels—A Structural ShiftJune 4, 2026
Rio Tinto Puts One Executive in Charge of Its Global Iron OreJune 4, 2026
Somalia Holds Election After Constitutional Power StruggleJune 4, 2026
House Votes to End Iran Military Conflict After Months of GridlockJune 4, 2026
After 34 Years, Disneyland Paris Finally Turns ProfitableJune 4, 2026
Real Madrid's First Election Fight in 20 Years: A Star-Powered GambleJune 4, 2026
Congo's New Ebola Outbreak Tests Years of PreparationJune 4, 2026
UK Police Arrest Stabbing Victim Based on Attacker's False AccountJune 4, 2026