Cloud Security, Third-party code, Identity

Widespread cloud environment compromise facilitated by Trivy supply chain hack

Mandiant Consulting Chief Technology Officer Charles Carmakal reported that more than 1,000 software-as-a-service environments have already been compromised with information-stealing malware as part of the Trivy supply chain hack launched by the TeamPCP hacking operation last week, according to The Register. "That 1,000-plus downstream victims will probably expand into another 500, another 1,000, maybe another 10,000. And we know that these actors are collaborating with a number of other actors right now," said Carmakal on the sidelines of the RSA 2026 Conference. Among the high-profile extortion groups working alongside TeamPCP is Lapsus$, noted Wiz researcher Ben Read, who also pointed to the intrusion's ongoing escalation with the recent targeting of AI middleware LiteLLM. "By moving horizontally across the ecosystem, hitting tools like LiteLLM that are present in over a third of cloud environments, they are creating a snowball effect. This isn't an isolated incident. It's a systemic campaign that requires security teams to take action and will likely continue to expand," said Read.
