Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack
Hackers published a malicious scanner release and replaced tags to point to information-stealer malware.
A threat actor compromised Aqua Security’s Trivy open source vulnerability scanner in a supply chain attack that started in late February.
On March 1, Trivy’s maintainers announced that the scanner’s GitHub repository had been compromised in an attack involving a GitHub Actions workflow issue. Some releases were deleted, and malicious versions of the application’s VS Code extension were published to the Open VSX marketplace.
The attack was part of a larger, automated attack campaign that hit multiple open source repositories via GitHub Actions workflows and resulted in a large natural-language prompt being injected into two malicious versions of Trivy’s VS Code extension.
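Because the attack described above relied on replacing release tags, the first check a defender wants is whether CI workflows consume the scanner (and other actions) by a mutable tag or branch rather than an immutable commit SHA. The following is an added example, not code from the article or from Aqua or the Trivy project; the action names in the sample workflow are assumptions and the sample workflow itself is constructed.

```python
import re

# Matches `uses: owner/repo[/subdir]@ref` steps in a GitHub Actions workflow.
# Local actions (./path) and docker:// references have no owner/repo@ref form
# and are intentionally not matched.
USES_RE = re.compile(
    r"^[ \t]*-?[ \t]*uses:[ \t]*([\w.-]+/[\w.-]+(?:/[\w./-]+)?)@([^\s#]+)",
    re.MULTILINE,
)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def is_pinned(ref: str) -> bool:
    """Only a full 40-hex commit SHA is immutable. A tag or branch name
    resolves to whatever commit the upstream repository currently points it
    at, so it can be silently re-pointed at a different artifact."""
    return bool(FULL_SHA_RE.match(ref))


def find_unpinned_actions(workflow_yaml: str) -> list[dict]:
    """Return each action reference that relies on a mutable tag or branch,
    with the workflow line number so the finding can be reported or pinned."""
    findings = []
    for m in USES_RE.finditer(workflow_yaml):
        action, ref = m.group(1), m.group(2)
        if not is_pinned(ref):
            line_no = workflow_yaml.count("\n", 0, m.start()) + 1
            findings.append({"line": line_no, "action": action, "ref": ref})
    return findings


# Constructed sample workflow (not from the article); the action names are
# assumed, and the 40-hex SHA is a made-up placeholder, not a real commit.
SAMPLE_WORKFLOW = """name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/trivy-action@master
        with:
          scan-type: fs
      - uses: actions/upload-artifact@0123456789abcdef0123456789abcdef01234567  # v4
"""

if __name__ == "__main__":
    for f in find_unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {f['line']}: {f['action']}@{f['ref']} is not pinned to a commit SHA")
```

Pinning to a SHA only removes the tag-replacement vector; the pinned commit still has to be reviewed, and the same reasoning applies to release binaries fetched by tag name.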
Source: https://www.securityweek.com/aquas-trivy-vulnerability-scanner-hit-by-supply-chain-attack/
Related breach coverage
- European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack (2026-04-04): Hackers stole over 300GB of data from the Commission’s AWS environment, including personal information.
- eScan Antivirus Delivers Malware in Supply Chain Attack (2026-01-31): Hackers compromised a MicroWorld Technologies update server and fed a malicious file to eScan customers.
- Stryker Says Malicious File Found During Probe Into Iran-Linked Attack (2026-03-24): The FBI has published an alert describing the malware used by Iranian government hackers.
- Infostealer Malware Delivered in EmEditor Supply Chain Attack (2025-12-29): The ‘download’ button on the official EmEditor website served a malicious installer.
