Signal
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
Attackers have compromised the widely used open-source Trivy vulnerability scanner, injecting credential-stealing malware into official releases and GitHub Actions used by thousands of CI/CD workflows.
rss
securitycso_online
Evidence locked
Today's free sample is only available for the edition's flagship signal.
Evidence preview
- Trivy vulnerability scanner backdoored with credential stealer in supply chain attackCSO Online
- Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD SecretsThe Hacker News