Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Overview

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware capable of stealing sensitive CI/CD secrets. The latest incident impacted GitHub Actions "aquasecurity/trivy-action" and "aquasecurity/setup-trivy," which are used to scan Docker container images for vulnerabilities and set up GitHub Actions

Organisations Involved

The following organisations are mentioned in relation to this incident: Actions Breached, Aqua Security, GitHub, Secrets
Trivy, Tags Hijacked, Trivy Security Scanner.

Multi-Source Coverage

This event has been reported across multiple outlets:

• Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets — thehackernews

Sources: thehackernews. Aggregated by Cybernews Agency pipeline.