Trivy Vulnerability Scanner Hacked via Supply Chain Attack: What You Need to Know

Anuj March 23, 2026
Trivy-Vulnerability-Scanner-Hacked-via-Supply-Chain-Attack-What-You-Need-to-Know
Post Views: 158

Aqua Security’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

In late February, a threat actor compromised Aqua Security’s Trivy open-source vulnerability scanner.

Compromise Details

  • The attack involved a GitHub Actions workflow issue.
  • Some releases were deleted, and malicious versions of the application’s Visual Studio (VS) Code extensions were published to the Open VSIX marketplace.
According to Trivy’s maintainers, credential rotation was performed after the initial disclosure on March 1. However, the rotation was not atomic, allowing the attacker to potentially use a valid token to exfiltrate newly rotated secrets during the rotation window.

The attackers used the compromised credentials to push a malicious Trivy release (version v0.69.4) that was distributed across all regular channels, including GitHub Container Registry, Amazon Elastic Container Registry Public, and Docker Hub.

Malicious Release

  • The malicious release contained an information-stealing malware designed to dump the Runner.Worker process memory and extract all secrets from it.
  • The malware was also capable of encrypting the harvested data and sending it to a remote server.
  • If the exfiltration failed, it created a public GitHub repository and uploaded the data to it.

Additionally, the attackers targeted the setup-trivy releases, force-pushing all tags to malicious commits, leading to the same infostealer.

Remediation Efforts

  • Trivy’s maintainers released clean iterations of Trivy (versions v0.69.2 and v0.69.3), trivy-action (v0.35.0), and setup-trivy (v0.2.6).
  • Due to the original trivy-action tags being deleted during remediation, new tags with a ‘v’ prefix were published.

Users are urged to rotate all credentials, tokens, and other secrets if a compromised version of Trivy, trivy-action, or setup-trivy ran on their environments.

Attribution and Further Attacks

  • Trivy’s maintainers have attributed the attack to a threat actor known as TeamPCP, which has expanded its activity following the Trivy compromise.
  • TeamPCP has targeted the NPM ecosystem with the CanisterWorm malware, compromising over 45 NPM packages and injecting them with a post-install loader that fetches a persistent Python backdoor.
  • This enables dynamic payload delivery via an ICP canister used for command-and-control (C&C) dead-drop.

CanisterWorm is capable of extracting NPM tokens, resolving usernames, enumerating published packages, creating new package versions, and publishing the payload across all of them.

TeamPCP’s Activity

  • TeamPCP emerged in late 2025, targeting cloud-native infrastructure via exposed CI/CD pipelines, Docker APIs, and Kubernetes clusters.
  • The threat actor is known for mounting supply chain attacks and leveraging credentials stolen from cloud workloads and GitHub Actions runners via memory scrapers.



About Author

Anuj

See author's posts

More Stories

www.news4hackers.com-ai-assistant-impersonation-fuels-rise-in-online-scams-ai-assistant-impersonation-fuels-rise-in-online-scams

AI Assistant Impersonation Fuels Rise in Online Scams

Anuj May 25, 2026
www.news4hackers.com-iphone-security-alert-how-one-misstep-can-compromise-your-entire-digital-identity-iphone-security-alert-how-one-misstep-can-compromise-your-entire-digital-identity

iPhone Security Alert: How One Misstep Can Compromise Your Entire Digital Identity

Anuj May 24, 2026
www.news4hackers.com-italy-cracks-down-on-cinemagoal-app-stealing-streaming-auth-codes-italy-cracks-down-on-cinemagoal-app-stealing-streaming-auth-codes

Italy Cracks Down on Cinemagoal App Stealing Streaming Auth Codes

Anuj May 23, 2026

Latest Cyber Security News

www.news4hackers.com-a-single-typo-can-derail-your-fifa-world-cup-plans-a-single-typo-can-derail-your-fifa-world-cup-plans

A Single Typo Can Derail Your FIFA World Cup Plans

Anuj May 28, 2026
www.news4hackers.com-sextortionist-sentenced-to-33-years-for-targeting-145-children-online-sextortionist-sentenced-to-33-years-for-targeting-145-children-online

Sextortionist Sentenced to 33 Years for Targeting 145 Children Online

Anuj May 28, 2026
www.news4hackers.com-google-introduces-artificial-intelligence-cybersecurity-solution-google-introduces-artificial-intelligence-cybersecurity-solution

Google Introduces Artificial Intelligence Cybersecurity Solution

Anuj May 28, 2026
www.news4hackers.com-fifa-fan-scam-300-fake-domains-spreading-infostealer-malware-fifa-fan-scam-300-fake-domains-spreading-infostealer-malware

FIFA Fan Scam: 300+ Fake Domains Spreading Infostealer Malware

Anuj May 28, 2026
www.news4hackers.com-forex-trading-scam-26-2-lakh-lost-through-fake-app-and-misleading-promises-forex-trading-scam-26-2-lakh-lost-through-fake-app-and-misleading-promises

Forex Trading Scam: ₹26.2 Lakh Lost through Fake App and Misleading Promises

Anuj May 28, 2026
en_USEnglish
en_USEnglish