
TeamPCP (also tracked as PCPcat, DeadCatx3, CipherForce, and ShellForce) is a threat group that emerged in late 2025. The group became more active in early 2026 after being linked to a series of software supply chain attacks targeting developer and security tooling.
Researchers believe the group is made up of young operators, likely teenagers or young adults. Despite their age, the group already shows advanced techniques, including the first reported use of the Internet Computer Protocol (ICP) to support command-and-control (C2) activity.
The group targets the software delivery pipeline, which includes the systems used to build, test, and release applications. This includes GitHub Actions, security tools used during development, and continuous integration and continuous deployment (CI/CD) pipelines. One of the group’s most notable attacks involved Trivy, a vulnerability scanner commonly used inside CI/CD environments.
The Trivy Compromise
Trivy is widely used to scan code, container images, and cloud environments for vulnerabilities and misconfigurations. To perform these scans, the tool typically runs with credentials for source repositories, registries, and cloud accounts. A compromised scanner inherits every one of those credentials, which is what makes tools like Trivy attractive targets for threat actors.
In March 2026, researchers found that attackers had compromised the software release process and inserted malicious code into official Trivy updates. Since updates were delivered through normal channels, organizations unknowingly installed the compromised version during routine maintenance.
Once active, the manipulated Trivy version collected sensitive data from affected environments, including:
- Cloud credentials (AWS, Azure, Google Cloud)
- GitHub access tokens
- Kubernetes secrets used for container environments
- SSH keys used for server access
- Database credentials
- Encryption keys used for secure communication
The Trivy compromise is also said to have been the initial access vector used in the recent European Commission breach. CERT-EU reported that TeamPCP’s compromised version of Trivy was operating inside the environment during normal security scanning activity. During that time, an AWS cloud access key was exposed.
That credential allowed access to cloud storage and shared services used across multiple EU digital systems. Data tied to this incident later appeared on leak channels associated with ShinyHunters. This connection shows how stolen data from supply chain attacks can quickly spread through the broader cybercriminal ecosystem.
Infrastructure Shift: ICP
As mentioned above, this relatively new group is drawing attention for its use of the Internet Computer Protocol (ICP) to support command-and-control. C2 is how attackers communicate with compromised systems, send instructions, and retrieve stolen data. Normally this relies on centralized servers that can be identified, blocked, and taken offline. ICP changes this by distributing communication across a decentralized network instead of a single server, which makes takedown significantly more difficult because there is no single host defenders can block or shut down. It also suggests that the group is investing in infrastructure designed to keep access once it is achieved.
Recommendations
If your organization uses Trivy:
- Verify installed versions of Trivy (binaries, container images, and the GitHub Action used in pipelines) against the vendor's published releases and checksums
- Rotate every credential that the scanner could have read: cloud keys, GitHub tokens, Kubernetes secrets, SSH keys, and database credentials
To reduce risks tied to compromised development and security tooling:
- Treat CI/CD pipelines and security tooling as high-risk infrastructure
- Restrict automatic updates for critical development tools
- Limit permissions granted to build and scanning environments
- Monitor CI/CD pipelines for unusual changes or outbound connections