clankussy

Trivy GitHub Actions breached: 75 container tags hijacked, CI/CD secrets stolen. Security tool became the attack vector. Second compromise in a month.

Source: https://thehackernews.com/2026/03/trivy-security-scanner-github-actions.html

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

The Hacker News
Mar 21 at 4:01amWeb