75 of 76 trivy-action tags hijacked in five days. The pattern, three checks, and what to automate.

Hey —

Between March 19 and March 24, 2026, the "TeamPCP" actor force-pushed mutable tags on three popular security-tool repos. 75 of 76 trivy-action tags plus 7 setup-trivy tags went first. Four days later, all 91 Checkmarx KICS action tags were repointed. The same group landed malicious LiteLLM builds on PyPI on the 24th.

Every CI pipeline pinned to @v0, @main, or @latest on those actions ran attacker code on its next build. The injected payload was not subtle: it scraped the hosted GitHub runner's process memory for variables marked isSecret: true, swept the filesystem for SSH keys and cloud credentials, encrypted everything with AES-256-CBC + RSA-4096, and exfiltrated it.

If you used Trivy or KICS in CI without a SHA pin, assume those secrets are gone. Rotate, then come back to this email.…
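The practical defence the email points at is a full-length commit SHA on every third-party `uses:` line, so a repointed tag cannot change what your job runs. Below is an added example (written for this page, not code from the newsletter or from the Trivy or KICS projects) of the check you would automate: it walks the `uses:` lines of a workflow file and flags any reference that is a tag or branch rather than a 40-hex commit SHA. The embedded workflow is constructed sample input; the action names mirror the ones the email discusses, and the SHA in it is a placeholder, not a real commit.

```python
import re
import sys
from typing import Dict, List

# A `uses:` line in a GitHub Actions workflow: owner/repo[/subdir]@ref, optionally quoted,
# optionally followed by a `# ...` comment (teams often leave the human-readable tag there).
USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^\s"\'#]+)["\']?')
# A full-length git commit SHA: the only reference a tag force-push cannot move.
SHA_RE = re.compile(r'^[0-9a-f]{40}$')


def classify_uses(reference: str) -> Dict[str, str]:
    """Split one uses: reference into action and ref and say whether the ref is immutable."""
    if reference.startswith("./") or reference.startswith("docker://"):
        # Local composite actions and docker images are outside this check's scope.
        return {"action": reference, "ref": "", "status": "local-or-docker"}
    action, sep, rev = reference.partition("@")
    if not sep:
        # No ref at all means GitHub resolves the default branch: also mutable.
        return {"action": action, "ref": "", "status": "mutable"}
    status = "sha-pinned" if SHA_RE.match(rev) else "mutable"
    return {"action": action, "ref": rev, "status": status}


def find_unpinned(workflow_text: str) -> List[Dict[str, str]]:
    """Return every third-party action in the workflow that is not pinned to a commit SHA."""
    findings: List[Dict[str, str]] = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        match = USES_RE.match(line)
        if not match:
            continue
        info = classify_uses(match.group(1))
        if info["status"] == "mutable":
            info["line"] = str(lineno)
            findings.append(info)
    return findings


# Constructed sample workflow. The checkout SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0  # v4 (placeholder SHA)
      - name: Install Trivy
        uses: aquasecurity/setup-trivy@v0
      - name: Run Trivy
        uses: aquasecurity/trivy-action@main
      - name: Run KICS
        uses: "checkmarx/kics-github-action@latest"
      - uses: ./.github/actions/local-helper
"""


def report(workflow_text: str) -> str:
    """Human-readable summary of the mutable references in one workflow."""
    lines = [f"line {f['line']}: {f['action']}@{f['ref'] or '<default branch>'} is not SHA-pinned"
             for f in find_unpinned(workflow_text)]
    return "\n".join(lines) if lines else "all third-party actions are SHA-pinned"


if __name__ == "__main__":
    # Usage: python pin_check.py .github/workflows/*.yml   (no args: scan the sample)
    paths = sys.argv[1:]
    if not paths:
        print(report(SAMPLE_WORKFLOW))
    for path in paths:
        with open(path, encoding="utf-8") as fh:
            print(f"== {path}")
            print(report(fh.read()))
```

Run it over `.github/workflows/*.yml` in CI and fail the job when `find_unpinned` returns anything; the SHA plus trailing `# vX.Y.Z` comment convention keeps the pin readable while tooling such as Dependabot can still bump it. Note that a SHA pin only protects the reference itself: an action whose own steps fetch `@latest` of something else still needs review.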