A multi-stage supply chain attack compromised Aqua Security’s GitHub Actions infrastructure for Trivy and KICS, hijacking approximately 75 release tags and injecting malicious code into CI/CD workflows; a second malicious release (v0.69.4) was published after initial containment, confirming that the attacker retained access beyond the first remediation effort. No CVE has been assigned; attribution at medium confidence points to the ‘TeamPCP’ threat actor per Wiz research. Any organization consuming aquasecurity/trivy-action, aquasecurity/setup-trivy, or checkmarx/kics-github-action via version tag references should immediately pin every reference to the full commit SHA of a known-good commit (a tag or branch name can be moved by an attacker; a full-length SHA cannot), review CI/CD pipeline logs from the compromise window for anomalous outbound connections and process execution, and rotate all secrets accessible to affected runner environments.
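The pinning check described above, as an added example that is not part of the original advisory: it scans GitHub workflow YAML for `uses:` references to the three named actions and flags any that are not pinned to a full 40-hex commit SHA (the sample workflow, its tags and the all-zero SHA are constructed placeholders, not real releases).

```python
import re
from typing import List, Tuple

# Actions named in the advisory above; any tag or branch reference to them
# should be replaced by the full-length SHA of a known-good commit.
AFFECTED_ACTIONS = {
    "aquasecurity/trivy-action",
    "aquasecurity/setup-trivy",
    "checkmarx/kics-github-action",
}

# Matches a step reference of the form owner/repo[/path]@ref, with or without quotes.
_USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^\s"\'#]+)@([^\s"\'#]+)')
_FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def find_unpinned_refs(workflow_yaml: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, action, ref) for each affected action whose ref is
    not a full 40-hex commit SHA. Tags, branches and short SHAs are mutable
    references, which is exactly what a tag-hijacking attack redirects."""
    findings = []
    for lineno, line in enumerate(workflow_yaml.splitlines(), start=1):
        m = _USES_RE.match(line)
        if not m:
            continue
        target, ref = m.group(1), m.group(2)
        # Drop any sub-path (owner/repo/path) before comparing with the affected list.
        repo = "/".join(target.split("/")[:2]).lower()
        if repo in AFFECTED_ACTIONS and not _FULL_SHA_RE.match(ref):
            findings.append((lineno, target, ref))
    return findings


# Constructed sample workflow mixing tag, branch, short-SHA and full-SHA references.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.0
      - uses: aquasecurity/trivy-action@master
      - uses: checkmarx/kics-github-action@abc1234
      - uses: aquasecurity/trivy-action@0000000000000000000000000000000000000000  # placeholder SHA
"""

if __name__ == "__main__":
    for lineno, action, ref in find_unpinned_refs(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {action}@{ref} is not pinned to a full commit SHA")
```

Run it over every file under `.github/workflows/` in each repository; an empty result means all references to the affected actions are immutable.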