Mastodawn

🚨 Attackers exploited the Trivy supply chain to spread an infostealer, leading to credential theft and Kubernetes attacks.

If you use Trivy, this may impact your environment.

🔍 Malicious Trivy versions (0.69.4–0.69.6) silently stole SSH keys, cloud creds, CI/CD secrets & more.

Attackers used this access to spread a worm and even deploy destructive Kubernetes payloads.

One compromised tool → full environment exposure.

🛡️ BaseFortify helps you identify where vulnerable tools like Trivy are used across your environment.

Map components, detect exposure, and prioritize remediation faster when incidents hit.

Visibility = faster response.