Dark Reading

Trivy Supply Chain Attack Targets CI/CD Secrets

A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...
The Hacker News

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Trivy backdoored, FBI buys location data, iOS DarkSword kit, WhatsApp usernames, Langflow RCE, Cisco FMC zero-day & critical ...
SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
The Hacker News

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting ...

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...