{ads}

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Written By Friday, 20 March 2026 Add Comment



March 20, 2026 at 11:17PM

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware that stole sensitive CI/CD secrets. The latest incident impacted GitHub Actions "aquasecurity/trivy-action" and "aquasecurity/setup-trivy," which are used to scan Docker container images for vulnerabilities and set up GitHub Actions workflow

from The Hacker News https://ift.tt/2cfHeMT

0 Response to "Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads