JoshuaDavidMar 21

Attempts to post the latest Trivy security incident have been marked [dead]

https://news.ycombinator.com/from?site=github.com%2Faquasecurity

Submissions from github.com/aquasecurity | Hacker News

Show threadmtmailMar 21

Looks like the repository URL was marked [dead] for several years, I can't tell why. Best to email the moderator (link in footer).

Big security stories often get republished, one might say reviewed and filtered. For this story I see

opensourcemalware.com - https://news.ycombinator.com/item?id=47449498

stepsecurity.io - https://news.ycombinator.com/item?id=47451081

arstechnica.com - https://news.ycombinator.com/item?id=47464996

and 4 others.

Aquasecurity/Trivy GitHub Repository and Homebrew Cask Compromised (again) | Hacker News

Show threadkay_oMar 21

Looking at https://news.ycombinator.com/from?site=github.com/aquasecuri... around 2024 when the dead started, a spambot ring was repeatedly posting it?

( Make need to turn on "showdead"; to see it in the 2024 they have similar posts .. )

Submissions from github.com/aquasecurity | Hacker News

Show threadcluckindan
Maybe it was intentionally compromised all along.
Mar 21 at 11:27pmWeb