Information securityfromInfoWorld6 hours agoCERT-EU blames Trivy supply chain attack for Europa.eu data breachTeamPCP exploited Trivy to access sensitive cloud credentials and data, creating significant vulnerabilities for organizations.
Information securityfromTheregister1 week agoLiteLLM infected with credential-stealing code via TrivyLiteLLM versions v1.82.7 and v1.82.8 were removed from PyPI due to a supply chain attack injecting credential-stealing code.
Information securityfromThe Hacker News1 week agoTrivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes WiperMalicious Docker images were distributed following the Trivy supply chain attack, impacting developer environments and leading to further compromises.
Information securityfromArs Technica2 weeks agoWidely used Trivy scanner compromised in ongoing supply-chain attackAqua Security's Trivy vulnerability scanner has been compromised, affecting developers and organizations using it.
fromThe Hacker News2 weeks agoInformation securityTrivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD SecretsTrivy, an open-source vulnerability scanner, was compromised twice in a month, delivering malware that stole sensitive CI/CD secrets.
Information securityfromArs Technica2 weeks agoWidely used Trivy scanner compromised in ongoing supply-chain attackAqua Security's Trivy vulnerability scanner has been compromised, affecting developers and organizations using it.
Information securityfromThe Hacker News2 weeks agoTrivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD SecretsTrivy, an open-source vulnerability scanner, was compromised twice in a month, delivering malware that stole sensitive CI/CD secrets.