Sam Stepanyan  🐘
#trivy: The GitHub repo of Cloud Security and Supply Chain Security vendor Aqua Security (@aquasecteam) popular vulnerability scanner tool 'trivy' was compromised yesterday via GitHub Actions:
#SoftwareSupplyChainSecurity
👇
https://github.com/aquasecurity/trivy/discussions/10265
Trivy security incident 2026-03-01 · aquasecurity trivy · Discussion #10265

Trivy has been attacked today via GitHub Actions, along with other popular projects: https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation. We believe the vulnerability came f...

GitHub
Mar 2 at 3:53pmWeb